[dns-operations] [Ext] Re: Destroying HSMs

Randy Bush randy at psg.com
Thu Feb 1 23:09:34 UTC 2018

> Bear in mind these HSMs were already formally zeroized at a previous
> ceremony, which makes the physical destruction of the cryptographic
> module essentially an exercise in security theatre.

your trust in the security device vendor is a bit 1990s

do you know which chips hold the master keys?  dremel.


More information about the dns-operations mailing list