> Some folks here might be interested in > http://webservices.xml.com/pub/a/ws/2003/12/09/salz.html > which walks through a secure, auditable root keygen and signing ceremony.
We had something similar going on at Zeroknowlege Systems for the PKI of the Freedom servers. But the password that protected the private key was in split knowledge, and the observer wrote down what he observed in a log journal... You also want to make sure that the computer you are doing this on is not connected to another machine or network. --Anton --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]