As expected. You know, in the Linux community, machines are hacked all the time, I guess we would have heard of stolen certs by now.
We know they're mass defaced by script kiddies running scripts and we know about it from the effects that happen to websites, now if someone seriously wanted to get keys and you didn't know about it I see that as a real issue...
Right. In OpenPGP, one is supposed to create a revocation certificate up front, and then keep that in a safe place. I have never bothered.
I doubt most others have either, I know I have for the CAcert signing keys, but never for my own personal keys...
Now, this is not really representative, there aren't many companies out there that built systems that scattered keys around like they were free!
Slowed you down, didn't stop you...
-- Best regards, Duane
http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://happysnapper.com.au - Sell your photos over the net! http://e164.org - Using Enum.164 to interconnect asterisk servers _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
