David,

David Stutzman wrote:
>> If you are only trying to protect the private key from being
>> extracted, then the answer is obvious - don't use a software token,
>> use an HSM that stores the key in such a way that it cannot be
>> extracted.
>
> And when Julien says HSM, a USB crypto token would provide security
> vastly superior to a password-protected PKCS#8/12. He probably means
> hardware token in general, which is good advice.
Yes, I meant hardware tokens, but of course the devil is in the details
of the implementation. Not every hardware token is equally well designed.

>> If you are trying to protect the private key from also being used
>> improperly at any time, then I am not sure what the solution is for
>> servers that need to run and start unattended.
>
> Some HSMs have provisions for even this sort of thing. You create
> quorums of cards with an n-of-k scheme where you need at least n out of
> k cards to enable the use of a particular key, which implies multiple
> people are to be involved in the key activation.

And what happens when the power goes out for longer than the UPSes can
last? Don't some people need to get involved to reactivate the key on
the module, so that the servers can start to use them again?

Having the token login done externally may have the advantage that you
don't need to re-enter the token password explicitly on every single
server, but it still doesn't truly protect against improper key usage.
Once you have logged in externally to the token, every process on the
machines that have access to the token (say, over a network connection)
can use the key on that token, can't they?

_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
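The two points the thread turns on, the n-of-k card quorum for key activation and the fact that an activated key is usable by anything that can reach the module until it is deactivated (or loses power), can be shown in a small model. The block below is an added example for this page, not code from the original posts or from any HSM vendor; it assumes the quorum is realised with Shamir secret sharing over a prime field (one common way to do it, not necessarily how a given product does it), and it stands in an HMAC for the private-key operation. `QuorumProtectedKey`, `split_secret`, `recover_secret` and the 32-byte key size are all illustrative choices.

```python
import hashlib
import hmac
import secrets

# Field for the secret sharing: 2**127 - 1 is prime, so every nonzero element
# is invertible, and a share value fits in 16 bytes.
PRIME = 2**127 - 1


def split_secret(secret: int, threshold: int, shares: int) -> list[tuple[int, int]]:
    """Split `secret` into `shares` points of a random polynomial of degree
    threshold-1 over GF(PRIME). Any `threshold` points reconstruct it."""
    if not 0 <= secret < PRIME:
        raise ValueError("secret must lie in the field")
    if not 1 <= threshold <= shares:
        raise ValueError("need 1 <= threshold <= shares")
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    points = []
    for x in range(1, shares + 1):
        y = 0
        for c in reversed(coeffs):  # Horner's rule, everything mod PRIME
            y = (y * x + c) % PRIME
        points.append((x, y))
    return points


def recover_secret(points: list[tuple[int, int]]) -> int:
    """Lagrange interpolation at x = 0; correct only with at least
    `threshold` distinct, untampered points."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def _mask_from(activation_secret: int) -> bytes:
    """Derive a 32-byte key-wrapping mask from the reconstructed secret."""
    return hashlib.sha256(activation_secret.to_bytes(16, "big")).digest()


class QuorumProtectedKey:
    """Toy model (assumption, not a real HSM) of a module-resident key gated
    by a card quorum. The key is stored wrapped under a mask derived from a
    random activation secret; that secret is split into `cards` shares, any
    `threshold` of which unwrap the key into volatile memory."""

    def __init__(self, key: bytes, threshold: int, cards: int):
        if len(key) != 32:
            raise ValueError("toy model uses 32-byte keys")
        self.threshold = threshold
        activation_secret = secrets.randbelow(PRIME)
        # Shares handed to the custodians, one per card.
        self.cards = split_secret(activation_secret, threshold, cards)
        mask = _mask_from(activation_secret)
        self._wrapped = bytes(a ^ b for a, b in zip(key, mask))
        # Key check value so a wrong or tampered quorum is rejected.
        self._kcv = hashlib.sha256(b"kcv" + key).digest()
        self._key = None  # populated only while activated

    @property
    def active(self) -> bool:
        return self._key is not None

    def present_cards(self, cards: list[tuple[int, int]]) -> bool:
        """Attempt activation; True only with a valid quorum."""
        if len(cards) < self.threshold:
            return False
        mask = _mask_from(recover_secret(cards))
        key = bytes(a ^ b for a, b in zip(self._wrapped, mask))
        if not hmac.compare_digest(hashlib.sha256(b"kcv" + key).digest(), self._kcv):
            return False
        self._key = key
        return True

    def power_loss(self) -> None:
        """Volatile state is gone; the quorum must be presented again."""
        self._key = None

    def sign(self, message: bytes) -> bytes:
        """HMAC-SHA256 stands in for the private-key operation. There is no
        per-caller check: while activated, anything that can reach the
        module can use the key, which is the concern raised above."""
        if self._key is None:
            raise PermissionError("key not activated: present a quorum of cards")
        return hmac.new(self._key, message, hashlib.sha256).digest()

    def verify(self, message: bytes, tag: bytes) -> bool:
        if self._key is None:
            raise PermissionError("key not activated: present a quorum of cards")
        expected = hmac.new(self._key, message, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)
```

Run it with `k = QuorumProtectedKey(secrets.token_bytes(32), 3, 5)`: two cards leave it inactive, any three activate it, `power_loss()` drops it back to inactive, and a card whose share has been altered is refused by the key check value. Nothing in `sign` identifies the caller, so the gating is purely temporal, exactly as the post observes for a network-attached token.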