Eric Rescorla wrote:
Frankly, I don't think the password advice makes much sense.
You in general want your server to restart unattended
This means that the key needs to be available without
some clown at the console typing the password. So, either
you don't use a password or you wire it into some config
file or script, at which point the question becomes why
you didn't just protect the key with whatever file permissions
protect the password.
Sure - what I was asking was only that it be stated that the
example is showing a s/w key store with no passphrase and
maybe also say that using h/w crypto for servers is better.
S.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html