On 2012-02-06 20:43 -0500 (Mon), Dave Thompson wrote:

> Even in these cases you might choose 
> to discard the first keypair and generate a new one.

Careful there; it does depend on what you're using the keypair for. For
your typical TLS-enabled-web-server usage that's fine, but if you're
doing something where you want to read encrypted data at a later date
(e.g., S/MIME e-mail messages), tossing the keypair you need to read
these is kind of a bad idea....

cjs
-- 
Curt Sampson         <c...@cynic.net>         +81 90 7737 2974
             http://www.starling-software.com/
I have always wished for my computer to be as easy to use as my telephone;
my wish has come true because I can no longer figure out how to use my
telephone.  --Bjarne Stroustrup
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
