>I am in the unfortunate situation of having to run a server in a
>machineroom which I don't completely trust.
Some folks at the Cypherpunks meetings have been working on projects
using the Dallas Semi iButton, which is a cheap FIPS140-1 Level 1
certified hardware security device. You can get them, load your keys
in them, and rig your OS/Apps to use this thing. An alternative
would be to use an nCipher device. These protections would keep
people from copying the keys, but it is certainly conceivable they
could make off with the device entirely. That's why you'd want to
incorporate some kind of remote authentication as well.
pablos.
--
Paul Holman
Chief Technologist
Fort Nocs, Inc.
<http://www.fortnocs.com/>
408.861.3970 office
877.834.7723 fax
[EMAIL PROTECTED]
<http://www.shmoo.com/~pablos/>
PGP fingerprint: CFBF CC8D 7BC8 FDE3 74BD
9DB0 88E6 B201 3F5A B569
