[dns-operations] OpenHardware FPGA-based HSM SCA6000 with OpenSSL?

Randy Bush randy at psg.com
Mon Oct 15 18:26:30 UTC 2012

>> Making a tamper-evident box with SoftHSM is (I think) much easier to
>> do, more scalable and done quicker.
> Right. I think that one question has not been asked so far: why? What's
> the real benefit that you'd get out of this?

sounds like a diy hsm to me.

and i still want to understand the threat model motivating hsm use in
dnssec and rpki signing.


More information about the dns-operations mailing list