I'm implimenting an intranet web server and will need SSL. I know of the dangers of using a self-signed certificate. I see it is trivial to create a Certificate Authority (CA) but is it really more secure? In other words, couldn't someone still craft a man-in-the-middle attack? Ideally, I'd place the CA on the same box as the web server, but I can move it if that's more secure. ===== /dev/idal "GNU/Linux is free freedom" --Me __________________________________ Do you Yahoo!? Exclusive Video Premiere - Britney Spears http://launch.yahoo.com/promos/britneyspears/ ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message.
