On Wed, 2009-07-15 at 13:25 +0200, Dr. Stephen Henson wrote: > A possibility would be to use a PKCS#11 soft-token which wont export keys. I'm > not aware of any such thing but it could be done. It would need to encrypt > it's key database in such a way that it would only work on one PC. > I suggest using opencryptoki (pkcs11 software device) with TPM. Use a TPM non-migratable key.
bye! -- Emanuele Cesena <emanuele.ces...@gmail.com> Il corpo non ha ideali ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
