Who here is running full pki in their home?
I have my own standalone offline root with online subordinate servers in my sandbox. The offline root is a vm on a rw dvd that lives in my safe deposit box outside of when I have to bring it back for root certificate refresh every 2 years (intentional, keeps the VM current and I burn a new dvd just because).
All of my internal domain traffic is encrypted, and a device certificate is required along with login credentials.
Is this over the top or just getting to where we should be?
I have my own standalone offline root with online subordinate servers in my sandbox. The offline root is a vm on a rw dvd that lives in my safe deposit box outside of when I have to bring it back for root certificate refresh every 2 years (intentional, keeps the VM current and I burn a new dvd just because).
All of my internal domain traffic is encrypted, and a device certificate is required along with login credentials.
Is this over the top or just getting to where we should be?