[dns-operations] OpenHardware FPGA-based HSM SCA6000 with OpenSSL?
Robert Kisteleki
robert at ripe.net
Tue Oct 16 14:23:41 UTC 2012
>> It's possible to come up with bad escrow mechanisms, which leave the key
>> vulnerable. That's just bad engineering, it's got nothing to do with HSMs.
>> However, a properly designed procedure with enough support from the HSM will
>> defend against this.
>
> The same is true for systems that act like HSMs.
Indeed. So what's the difference between HSMs and "systems that act like HSMs"?
Robert
More information about the dns-operations
mailing list