[dns-operations] OpenHardware FPGA-based HSM SCA6000 with OpenSSL?

Miek Gieben miek at miek.nl
Mon Oct 15 18:39:46 UTC 2012


[ Quoting <robert at ripe.net> in "Re: [dns-operations] OpenHardware F..." ]
> > Making a tamper-evident box with SoftHSM is (I think) much easier to
> > do, more scalable and done quicker.
> 
> Right. I think that one question has not been asked so far: why? What's
> the real benefit that you'd get out of this?

I don't now as it wasn't my idea. Right now it sounds like a cool project.

> Also consider (and try to estimate the cost of) the effort you'd need to
> put in to make this "right", whatever that means.

FIPS compliance comes to mind...

 Regards,

-- 
    Miek Gieben                                                   http://miek.nl
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20121015/de67fbc7/attachment-0001.sig>


More information about the dns-operations mailing list