On Fri, Apr 01, 2005 at 12:49:50PM -0800, Chris Adams wrote:
On Apr 1, 2005, at 12:10 PM, Henrique de Moraes Holschuh wrote:
On Fri, 01 Apr 2005, martin f krafft wrote:
... and you need a passphrase to decode the key -- or at least you
*should* need one.
Better not count on it when dealing with users.
That's what I meant by the two approaches being equal from a policy
perspective - you're going to have to audit either way.
And you audit that how? By having your users send their private keys to
you?
Mike Stone
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
