> I believe better protection would be to
> keep private keys on external tamper-evident hardware.

This is certainly true. However, if somebody compromises your system with the smart encryption card, then they can probably use the card to sign things. This isn't as good as having your key, since if you can close the hole you don't necessarily have to repudiate the key (although you probably should).

There's no perfect solution, of course. All of the solutions we've talked about make sense given different cost/benefit scenarios.

_MelloN_