Rainer Sokoll wrote:
True, but I guess my assumption was that if someone had access to steal
the cert from the end user pc, they could also steal the key.
On Fri, May 21, 2004 at 08:19:18AM +1200, Dave Green wrote:
for the certificate. If the certificate files should get stolen they
will be if no use without the password. And in any case, the cert can be
revoked as well.
Please correct me if I'm wrong: In my understanding, a stolen
certificate makes no danger at all. Without the private key, it is
useless. You can even post your certificates on usenet ;-)
But if, and only if, the private key gets stolen, then you have to
revoke the certificate on the CA.
Is that correct?
This message and any attachments contain privileged and confidential
information. If you are not the intended recipient of this message, you
are hereby notified that any use, dissemination, distribution or
reproduction of this message is prohibited. If you have received this
message in error please notify the sender immediately via email and then
destroy this message and any attachments.
Any views expressed in this message are those of the individual sender
and may not necessarily reflect the views of Winstone Pulp International
Openvpn-users mailing list