[dns-operations] Summary: Anyone still using a Sun/Oracle SCA6000 with OpenSSL?

Daniel Kalchev daniel at digsys.bg
Tue Oct 16 16:00:07 UTC 2012


On Oct 15, 2012, at 12:41 AM, Richard Lamb <richard.lamb at icann.org> wrote:

> Why not the tpm migration method? I.e.
> 
> 
> The receiving hsm produces the public half of a master storage key.  
> Then the starting hsm "authorizes" the key for use for exporting with pomp and circumstance ;-)
> Then the starting hsm encrypts its keys with this key (rsa) for transfer to the receiving hsm.
> Receiving hsm unwraps the key using its private key.
> Done


Problem with this migration method is that the sending HSM has to trust the transport keys it receives. It could very easily be tricked to export its keys to any party who provides transport keys.
This possibility makes the "secure" aspect of the HSM irrelevant and the thing just a piece of hardware to show people and claim "we are secure, as we paid this bunch of money".

Daniel
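
The trust problem raised in this message, as an added example that is not part of the original thread: a sketch of the export gate a sending HSM would need so that it wraps keys only for a transport key that a quorum of custodians approved. The custodian names, secrets, quorum size and key bytes are constructed, and HMAC stands in for whatever operator authentication a real HSM uses.

```python
import hashlib
import hmac

QUORUM = 2  # assumed policy: approvals needed from distinct custodians

# Constructed custodian secrets, provisioned inside the sending HSM (assumption).
CUSTODIAN_KEYS = {
    "alice": b"constructed-secret-alice",
    "bob": b"constructed-secret-bob",
    "carol": b"constructed-secret-carol",
}

def fingerprint(transport_pub: bytes) -> bytes:
    """SHA-256 over the encoded transport public key."""
    return hashlib.sha256(transport_pub).digest()

def approve(custodian: str, transport_pub: bytes) -> bytes:
    """Custodian side: MAC that binds the approval to this exact key."""
    msg = b"authorize-export|" + fingerprint(transport_pub)
    return hmac.new(CUSTODIAN_KEYS[custodian], msg, hashlib.sha256).digest()

def export_allowed(transport_pub: bytes, approvals: dict) -> bool:
    """Sending-HSM side: wrap only if a quorum approved this exact key."""
    msg = b"authorize-export|" + fingerprint(transport_pub)
    valid = set()
    for custodian, tag in approvals.items():
        key = CUSTODIAN_KEYS.get(custodian)
        if key is None:
            continue  # unknown custodian: approval is ignored
        expected = hmac.new(key, msg, hashlib.sha256).digest()
        if hmac.compare_digest(expected, tag):
            valid.add(custodian)
    return len(valid) >= QUORUM

# Constructed stand-ins for encoded RSA transport public keys.
RECEIVING_HSM_PUB = b"constructed-public-key-of-receiving-hsm"
UNKNOWN_PARTY_PUB = b"constructed-public-key-of-unknown-party"

def demo() -> dict:
    ok = {c: approve(c, RECEIVING_HSM_PUB) for c in ("alice", "bob")}
    return {
        "approved_key": export_allowed(RECEIVING_HSM_PUB, ok),
        "substituted_key": export_allowed(UNKNOWN_PARTY_PUB, ok),
        "one_approval": export_allowed(RECEIVING_HSM_PUB, {"alice": ok["alice"]}),
        "no_approvals": export_allowed(RECEIVING_HSM_PUB, {}),
    }

if __name__ == "__main__":
    print(demo())
```

Approvals collected for the receiving HSM's key do not carry over to a substituted key, because each MAC covers the key's fingerprint.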

