[dns-operations] OpenHardware FPGA-based HSM SCA6000 with OpenSSL?

Paul Hoffman paul.hoffman at vpnc.org
Mon Oct 15 16:13:45 UTC 2012

On Oct 15, 2012, at 7:39 AM, Alexander Gall <gall at switch.ch> wrote:

> A hardware HSM allows you to detect when your keys get stolen
> (provided the hardware does not implement extraction of the keys, of
> course).  In our case, this is the *only* reason we use a HSM at all.

A properly-designed software-based HSM in a tamper-evident box would have the same property.

--Paul Hoffman

More information about the dns-operations mailing list