Thank you for sharing your suggestions and thoughts. I am working with Julius on a project and, after discussing it a bit, we really like the idea of making privilege separation for private keys in LibreSSL. First, it solves the problem when running on a non-virtualized OpenBSD. Second, it establishes a clear boundary for the use of private keys. It does seem like quite some work, but we will explore this direction further.
- LibreSSL: Use of hardware enclaves to protect TLS keys Julius Chrobak
- Re: LibreSSL: Use of hardware enclaves to protect TL... Ostap Cherkashin
