martin f krafft said on Wed, Jan 26, 2005 at 01:59:45PM +0100: > also sprach Craig Sanders <cas@taz.net.au> [2005.01.26.1249 +0100]: > > btw, if you are root on the client machines, doesnt that make > > installation of cerificates a) easy and b) easily automated? > > See above. Yes, if the machines are reachable. No in all practical > configurations. It sounds like you're set up for a serious failure if you are expected to admin machines that you can't access... If you don't want to setup a full CA (and I agree, openssl isn't the whole thing), have you considered cacert.org? They issue free certs from their CA, and assuming you're willing to trust them (which I would for relaying purposes), they seem to handle the gnarly bits. M
Attachment:
pgpUsEder44x6.pgp
Description: PGP signature