Which of the following is the most reliable way to acquire a company’s public asymmetric key to be confident it really is owned by that company?
a. Obtain it from a digital signature posted on that company’s website.
b. Obtain it directly from the company by means of an encrypted email.
c. Obtain it from a valid digital certificate issued by a trusted certificate authority and posted on the company’s website.
d. Obtain it directly from the company via a USB delivered by a trusted delivery service (e.g., FedEx, UPS, or DHL).
Answer-a. Obtain it from a digital signature posted on that's company's website.
Digital signature are secure and it is complicated to falsify one. because, being based on asymmetric Cryptography, they have a private key which only the signatory knows, and a public key which is available to everyone both are generated through a public key algorithm.
for a case for digital signature forgery to occur, the attacker would have to get hold of the signer's private key and this is extremely difficult.
therefore company are going to use a digital signature you can rest assured and trust it to do any procedure.
Get Answers For Free
Most questions answered within 1 hours.