[dns-operations] [Ext] Re: Destroying HSMs
Kim Davies
kim.davies at iana.org
Thu Feb 1 17:23:52 UTC 2018
Quoting Tony Finch on Thursday February 01, 2018:
> Is this going to be like the way GCHQ required the Guardian to destroy
> some computers with Dremels and a degausser?
We are bringing in a vendor who specializes in the secure destruction
of such things. Bear in mind these HSMs were already formally zeroized
at a previous ceremony, which makes the physical destruction of the
cryptographic module essentially an exercise in security theatre.
However, it didn't seem quite right to simply take the HSMs out of
service as-is.
kim
More information about the dns-operations
mailing list