>-----Original Message----- >From: R. DuFresne [mailto:[EMAIL PROTECTED]] >Sent: 11 October 2001 12:35 >To: [EMAIL PROTECTED] >Subject: Re: Apache connection died > > >On Thu, 11 Oct 2001, Owen Boyle wrote: > >> >> Personally, I would remove the passphrase since <flame-war>I >think it is >> a waste of time</flame-war>. To do so, consult The Fine Manual: >> >> http://www.modssl.org/docs/2.8/ssl_faq.html#ToC31 >> > >No flames from here, but, security should be more on the minds of folks >these days, not less security. That being said, removal of >the password >might well be okay, depending upon the security of the server >in question. >How many folks have hands-on access to this system? How many >folks have >telnet/ssh/ftp access to this system? Those are issues to be >considered >when making this kind of decision. > >Thanks, > >Ron DuFresne >-- The theory is that if an attacker gets hold of your key AND compromises your DNS then they could impersonate you. I find myself agreeing with Owen on this one that they are a waste of time. If someone can compromise your DNS, then you really aren't doing your job properly, notwithstanding the fact you'll have far bigger issues to deal with (intercepted email, fake email being as from you etc).
- John Airey Internet systems support officer, ITCSD, Royal National Institute for the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] - NOTICE: The information contained in this email and any attachments is confidential and may be legally privileged. If you are not the intended recipient you are hereby notified that you must not use, disclose, distribute, copy, print or rely on this email's content. If you are not the intended recipient, please notify the sender immediately and then delete the email and any attachments from your system. RNIB has made strenuous efforts to ensure that emails and any attachments generated by its staff are free from viruses. However, it cannot accept any responsibility for any viruses which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
