Root Certificate Authority

From: William (anonymous_at_discussions.microsoft.com)
Date: 08/13/04 

Date: Fri, 13 Aug 2004 02:10:38 -0700

Hi,

I have read that it is an idea to keep the Root CA
physically disconnected from the external world to prevent
it from being compromised.

In setting up my PKI, if I do this, does it mean that end
users can still request, renew, revoke and verify
certicates with intermediatory CA's? Or does the root CA
need to be online to do this?

Thanks,
William.

Relevant Pages

  • Re: lifecyle?
    ... settings that allow one to run as actual root. ... when going online. ... to go online with Linux until I find an easy, ... clear, GUI-based, 2-way firewall. ...
    (microsoft.public.vb.general.discussion)
  • Re: [opensuse] USB permissions screwed after last online update
    ... I just noticed that I can't access my digital camera or my scanner as a non-priviledged after the last online update... ... The only way to do it is, as you guessed, being logged in as root... ...
    (SuSE)
  • Re: CANNOT LOG ON AS USER
    ... > a hardware firewall, ... online - if the doors into your system are hanging off their hinges what ... But you were saying you didn't think a root kit would be much of a problem ...
    (alt.os.linux.suse)
  • /usr/sbin/online permission denied
    ... license, but for some reason, the processor won't come online. ... a reboot, ... I thought root could "do ...
    (Tru64-UNIX-Managers)