Paul Rubin enlightened us with: > If you're paranoid, you can scrounge some $20 obsolete laptop from > ebay and dedicate it to use as a CA, never letting it touch the > internet (transfer files to and from it on floppy disc).
caCert use a special box for this too. It has no network connection, and communicates through a serial cable. All it does with that serial cable is accept certificate requests and spit out signed certificates :) Sybren -- The problem with the world is stupidity. Not saying there should be a capital punishment for stupidity, but why don't we just take the safety labels off of everything and let the problem solve itself? Frank Zappa -- http://mail.python.org/mailman/listinfo/python-list