At 12:53 PM 4/26/00, you wrote: >Of course, nothing is as secure as a human being typing the passphrase in >at startup, but we've established that that is too much like hard work :). Sorry, .. but you missed the point. If you are rebooting a server: 1) In many cases the person doing the rebooting does not have root access, .. much less knowledge OF the pass phrase! 2) In many other cases, the reboot is done remotely. 3) In both cases above, the server would HANG on reboot awaiting a passphrase. 3) In 95% of the other cases, nobody is going to the trouble to write a C program just to enter the passphrase. 4) A passphrase on a server doesn't really matter anyway, .. since if the machine is setup correctly only the SysAdmin has access to the directory with the key. In reality, passphrases are only applicable on user-level machines. Lee ============================================ Leland V. Lammert [EMAIL PROTECTED] Chief Scientist Omnitec Corporation Network/Internet Consultants www.omnitec.net ============================================ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]