[dns-operations] OpenHardware FPGA-based HSM SCA6000 with OpenSSL?

[Randy Bush]

>> Making a tamper-evident box with SoftHSM is (I think) much easier to
>> do, more scalable and done quicker.
> Right. I think that one question has not been asked so far: why? What's
> the real benefit that you'd get out of this?

sounds like a diy hsm to me.

and i still want to understand the threat model motivating hsm use in
dnssec and rpki signing.

randy