On Tue 2005-May-17 09:23:12 +1000, Adam Conrad wrote:
> Perhaps the more interesting question for you is: Why do you use
> passphrases on your SSL certs? If they're only readable by root, what
> have you gained with a passphrase?
My reason for using a passphrase protected key (and stumbling
right into the logrotate problem) is that this key is used for a
certificate physically present on several machines -- and the
backups thereof!
I do realize that if "online" access as root is gained, I'm
doomed. However, trying to protect against the situation where
someone gets "offline" access to a copy of the file seems to be
a very valid reason. Just the same reason for which you're
protecting your private PGP key with a passphrase...
Regards,
Marcus
--
Marcus C. Gottwald <[EMAIL PROTECTED]>
Quantum Hydrometrie GmbH, Berlin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
