I am aware of at least one public CA - still in business - that fits this description.
Every private PKI we have setup since 1999 (more than a dozen, of which a few were for the largest companies in the world) has had the Root CA on a non-networked machine with commensurate controls to protect the CA. Arshad Noor StrongAuth, Inc. On 12/08/2011 06:54 AM, Eugen Leitl wrote:
Is anyone aware of a CA that actually maintains its signing secrets on secured, airgapped machines, with transfers batched and done purely by sneakernet?
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
