Legally rolling them would defeat the point of the request and thus likely out you in contempt. <div><br></div><div>The only solution is to not have the private key itself available to you and design the system such that you don&#39;t need it to do the minimal job Adminning the server. </div>
<div><br></div><div>It&#39;s like having no logs. You can&#39;t give away something you don&#39;t have. The solution is to design the systems so Americans simply don&#39;t have access to the info being requested. <br><br>
On Tuesday, October 22, 2013, coderman  wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Mon, Oct 21, 2013 at 8:57 PM, coderman &lt;<a href="javascript:;" onclick="_e(event, &#39;cvml&#39;, &#39;coderman@gmail.com&#39;)">coderman@gmail.com</a>&gt; wrote:<br>

&gt; ...<br>
&gt; every time you hand it over, change it.<br>
<br>
<br>
there&#39;s risk of an active attack; and some browser *cough* disabled<br>
CRL checks &quot;for performance reasons&quot;.<br>
<br>
rock and a hard place...  still better than nothing to roll them upon delivery.<br>
</blockquote></div><br><br>-- <br><div dir="ltr">Kelly John Rose<div>Toronto, ON<br>Phone: +1 647 638-4104<br>Twitter: @kjrose<br>Skype: <a href="http://kjrose.pr" target="_blank">kjrose.pr</a>
</div><div>Gtalk: <a href="mailto:iam@kjro.se" target="_blank">iam@kjro.se</a></div><div>MSN: <a href="mailto:msn@kjro.se" target="_blank">msn@kjro.se</a><div style="text-align:left"><br></div>Document contents are confidential between original recipients and sender.</div>
</div><br>