Re: Any benefit to individual keys for subdomains?

From: Steve Jenkins <stevejenkins_at_gmail.com>
Date: Thu, 25 Apr 2013 09:59:21 -0700

On Thu, Apr 25, 2013 at 9:57 AM, Murray S. Kucherawy <msk_at_blackops.org>wrote:

> On Thu, 25 Apr 2013, Steve Jenkins wrote:
>
>> But I'm just wondering if there is any benefit to breaking it out
>> separately
>>
>
> There are a few things that come to mind but they're all kind of minor:
>
> 1) You don't ever have to copy keys from one box to the other, which means
> there's less of an opportunity for mishandling of something sensitive.
>
> 2) Configuration is ever so slightly more tricky.
>
> 3) If there's anyone out there collecting per-selector data about
> reputation, those two machines will develop separate reputations. (That
> may actually be a good thing, depending on how they're used.)
>
> I think it's more of a "Sure you could do it that way, but why?" situation.


Thx, Murray. I have my two personal servers sharing a key, but didn't know
if I was missing something by not doing it the other way. :)

SteveJ
Received on Thu Apr 25 2013 - 16:59:36 PST