Hiya,
WRT setting up a local CA for TLS, you said it was: On 19/02/2024 00:37, Paul Vixie wrote:
intensely difficult
but that's not my experience. For browsers, I believe they all have MDM setups to address that. For other applications, rolling a tiny-scope local CA isn't hard in my experience, though to be fair, I've not often tried to do that in a robustly secure manner. Building and running a larger scale enterprise CA is costly yes, but doable at an affordable cost I think. So, can you clarify the intense difficulty? Or did I mis-read your mail? Ta, S.
OpenPGP_0xE4D8E9F997A833DD.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
