Edward Diener wrote:

> Please suggest ways to do so. The server is no different from any other 
> server database. It accepts a username/password to prevent unauthorized 
> users from accessing its data. I am perfectly willing to listen to other 
> server techniques which involve security, or read about such techniques, 
> but I need to be pointed to such things. Just generally saying what you 
> say is not going to help me. I am open to specific suggestions if you 
> want to give them.

If the username/password prevents unauthorized users from accessing the data, 
and a user can only do what he or she is allowed to do, what is the rationale 
for trying to protect the certificates? (From what you've said previously, it 
seems to be, "that will give my boss a warm fuzzy feeling".)

What you are doing is putting a screen door on your safe. If the safe's 
existing door is not adequate, the screen door sure as hell isn't going to be. 
If protecting the certificates is necessary, it is inadequate.  Therefore, you 
must design your system such that protecting the certificates is not necessary.

DS


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org