* bmanning at vacation.karoshi.com wrote: > Has -anyone- (other than presumeably Mike) built an implementation of > RFC 5011, automated key rollover? I'm dusting off my crufty old > Threshold code, but that is not "spec". Yes. for my (commercial) remote signing service.