[dns-operations] HSM recommendations

John Levine johnl at taugh.com
Thu Sep 7 03:50:39 UTC 2017


In article <CAHw9_i++QY3bvX2XGmrRn2vp-P=fy29vgZ=1+9g+EZgkF0a8FQ at mail.gmail.com> you write:
>The cryptech project is very much designed to be open (so that you can
>build your own / verify what was built), and to not rely on crypto
>magic provided by others. You might not need this level of tinfoil /
>your threat model might differ, but it's a fascinating project, I
>encourage people to look into it and get involved.

Seems to me that if you don't need that level of tinfoil, an old linux
box with one account makes a dandy LSM.

R's,
John



More information about the dns-operations mailing list