bbatchel> any scarier than as a file in a filesystem? if the private key resides on a host across a network from the user, it is scary (a little less scary if you have some kind of agent-forwarding as in ssh, but still scary). if the private key resides on a user's own system, then this is not nearly as scary.