> There are many places where a PKI breaks - hash collisions are far down the > list.
What he said. 4KRSA -SHA-256 is fine for a CA. Most likely operational issues will cause you problems. Invest in an HSM. -- Principal Security Engineer, Akamai Technologies IM: rs...@jabber.me Twitter: RichSalz
