[dns-operations] Destroying HSMs
Daniel Kalchev
daniel at digsys.bg
Thu Feb 1 14:52:18 UTC 2018
It is important that heavy smoke comes out of the unit when destroyed — otherwise nobody will believe it was the real one.
Daniel
> On 1 Feb 2018, at 16:37, Joao Damas <joao at bondis.org> wrote:
>
> Actually it isn’t such a bad idea.
> We could verify, for everyone to see, that the types of manipulation that are supposed to trigger the anti-tampering on the HSMs work as expected. For instance, open the device and verify it self erases. Same for strong vibration (and here is where the hammer comes in handy).
>
> Joao
>
>> On 1 Feb 2018, at 15:32, Nicolas Antoniello <nantoniello at gmail.com <mailto:nantoniello at gmail.com>> wrote:
>>
>> May we hammer it while connected (just to see what happens) ?
>> ... ok, I´m a kid... my fault !
>> :P
>>
>>
>> On Thu, Feb 1, 2018 at 11:02 AM, Vladimír Čunát <vladimir.cunat+ietf at nic.cz <mailto:vladimir.cunat+ietf at nic.cz>> wrote:
>> On 02/01/2018 03:19 AM, John Levine wrote:
>> >> Favourite line:
>> >>
>> >> "9. CA and Contractor performs the destruction of each HSM part repeatedly."
>> > Huh. I would have expected at least the HSMs get to have a last meal.
>>
>> What's "meal"? Do you suggest an electric chair?
>>
>> _______________________________________________
>> dns-operations mailing list
>> dns-operations at lists.dns-oarc.net <mailto:dns-operations at lists.dns-oarc.net>
>> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>> dns-operations <https://lists.dns-oarc.net/mailman/listinfo/dns-operationsdns-operations> mailing list
>> https://lists.dns-oarc.net/mailman/listinfo/dns-operations <https://lists.dns-oarc.net/mailman/listinfo/dns-operations>
>>
>> _______________________________________________
>> dns-operations mailing list
>> dns-operations at lists.dns-oarc.net <mailto:dns-operations at lists.dns-oarc.net>
>> https://lists.dns-oarc.net/mailman/listinfo/dns-operations <https://lists.dns-oarc.net/mailman/listinfo/dns-operations>
>> dns-operations mailing list
>> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-operations mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20180201/8ee90dc5/attachment.html>
More information about the dns-operations
mailing list