Il 05/04/2012 09:39, steve ha scritto: > Are we losing anything (on a server) by not having the stuff we've > removed? I don't think so. Yes: the ability to use a TPM (or other HW keystore like smartcards) as the private key store -- if your server gets compromised, all the keys/certs on it must be revoked and re-issued.
But probably you aren't interested in such a thing. BTW I agree that 5 minutes is really too much time (much more than needed to generate a 2048-bit RSA key on a smartcard!). BYtE, Diego. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba