According to X.509, should a standard private key signature generate the same encrypted message forever? Am I right?
To avoid a match, which data field in the digital certificate will be changed?
they cannot process user information, but by managing a digital signature created using a secret key and saving it with a web page, an attacker can say that I am CA certified and the web browser agrees with this information. it's true?
Version number, Serial number, Certificate algorithm identifier, Issuer name, Validity period, Subject name, Subject public key information Unique identifier of the issuer, Unique identifier of the subject, Extensions, Digital signature of the certification authority. These are fields in a digital certificate, if these fields do not change forever, the encrypted value will be the same forever. If I go to gmail, it will send an encrypted digital certificate. If I use this encrypted digital certificate on my web page, I can say, I am the owner of gmail.but, but I can not use the transfer of information by the user, since I will not have a private key
source
share