Arshad Noor <[email protected]> writes: >Every private PKI we have setup since 1999 (more than a dozen, of which a few >were for the largest companies in the world) has had the Root CA on a >non-networked machine with commensurate controls to protect the CA.
What about TSAs, where you need a key with an irrevocable cert active on a machine directly connected to the Internet? Peter. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
