Bug#298689: Bug with Debian Apache2 logrotate script
On Tue 2005-May-17 09:23:12 +1000, Adam Conrad wrote:
> Perhaps the more interesting question for you is: Why do you use
> passphrases on your SSL certs? If they're only readable by root, what
> have you gained with a passphrase?
My reason for using a passphrase protected key (and stumbling
right into the logrotate problem) is that this key is used for a
certificate physically present on several machines -- and the
backups thereof!
I do realize that if "online" access as root is gained, I'm
doomed. However, trying to protect against the situation where
someone gets "offline" access to a copy of the file seems to be
a very valid reason. Just the same reason for which you're
protecting your private PGP key with a passphrase...
Regards,
Marcus
--
Marcus C. Gottwald <gottwald@quantum-hydrometrie.de>
Quantum Hydrometrie GmbH, Berlin
Reply to: