On Mon, Mar 24, 2003 at 11:53:35PM -0800, JC wrote: > Maybe I'm just silly, but from what I can see there doesn't seem to be > any private key encryption used. If this is the case can someone help me > understand why private key encryption is not being used?
My feeling is that nessus-mkcert and nessus-mkcert-client are relatively simple hacks to help secure communications between client and server rather than provide for a full-blown public key infrastructure. If you're *really* concerned about security, you'll purchase / roll your own PKI. This way, you don't worry about things like the private key for the CA, as generated by nessus-mkcert, lacking a password! George -- [EMAIL PROTECTED]
pgp00000.pgp
Description: PGP signature
