[dns-operations] Summary: Anyone still using a Sun/Oracle SCA6000 with OpenSSL?

Randy Bush randy at psg.com
Mon Oct 15 18:42:53 UTC 2012

>> Be trustee is a key to use HSM or hardware encryption. And because we
>> are running a critical Internet infrastructure, I think should be the
>> way, be trustee.
> that's called security theater.  what is the threat model?  what is
> the asset you are protecting against what attack by what adversary?

to be clear.  i am not saying use of hsms is good, bad, or indifferent.
i am saying that, without a reasonable threat analysis, we are all
spewing hot air.  i am merely asking for that threat analysis.


More information about the dns-operations mailing list