> If you publish a TA for any of your domains, how will you know if > I or anyone else has put this TA in our configuration file? it's really simple. bif can be pretty assured that almost all of the (secure) net has not. we install the root ta and that's it. and for a damned good reason. randy