According to the documentation, RSAref is a mandatory requirement for US citizens. I can find no reference to Canadian citizens, but past experience has led me to believe that most security requirements for the United States also applies to Canada. Does anyone know if this applies to the US only or if I have to install it as well? To go even further, I do host sites from American companies. If they wish to use my secure server, would they have to follow these requirements? Jeff Burgoyne (proud member of the state of Canada :) ) ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]