Thanks to all users that have contributed to this discussion.
The info/links/opinons provided have been most usefull, it is a great list.
Paul Fraser
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/
On 2014-01-09, Paul F Fraser wrote:
> Software and physical safe keeping of Root CA secret key are central
> to security of a large set of issued certificates.
> Are there any safe techniques for handling this problem taking into
> account the need to not have the control in the hands of one person
On Thu, Jan 9, 2014 at 11:08 AM, Thierry Moreau <
thierry.mor...@connotech.com> wrote:
> I guess a multisignature trust system requires some algorithm support
> beyond RSA and ECC signature schemes pushed by NIST, and thus would have
> been rejected on the (questionable) basis of lack of support i
Tony Arcieri wrote:
On Thu, Jan 9, 2014 at 7:51 AM, Thierry Moreau
mailto:thierry.mor...@connotech.com>> wrote:
I would suggest that the DNSSEC deployment at the root would be a
good case study for IT security management, from an historic
perspective. The primary source documents, a
On Thu, Jan 09, 2014 at 10:36:23AM -0800, Tony Arcieri wrote:
> I'd actually look at DNSSEC as something of an antipattern. They ostensibly
> seem to be using One Key To Rule Them all and a Shamir-like secret sharing
> scheme.
>
> This makes less sense to me than a multisignature trust system / th
On Thu, Jan 9, 2014 at 7:51 AM, Thierry Moreau wrote:
> I would suggest that the DNSSEC deployment at the root would be a good
> case study for IT security management, from an historic perspective. The
> primary source documents, and the conclusion of such case study, could be
> helpful to you bu
Peter Bowen wrote:
On Wed, Jan 8, 2014 at 11:54 PM, ianG wrote:
On 9/01/14 02:49 AM, Paul F Fraser wrote:
Software and physical safe keeping of Root CA secret key are central to
security of a large set of issued certificates.
Are there any safe techniques for handling this problem taking into
On 9/01/14 18:05 PM, Peter Bowen wrote:
On Wed, Jan 8, 2014 at 11:54 PM, ianG wrote:
On 9/01/14 02:49 AM, Paul F Fraser wrote:
Software and physical safe keeping of Root CA secret key are central to
security of a large set of issued certificates.
Are there any safe techniques for handling thi
On Wed, Jan 8, 2014 at 11:54 PM, ianG wrote:
> On 9/01/14 02:49 AM, Paul F Fraser wrote:
>>
>> Software and physical safe keeping of Root CA secret key are central to
>> security of a large set of issued certificates.
>> Are there any safe techniques for handling this problem taking into
>> accoun
On 9/01/14 02:49 AM, Paul F Fraser wrote:
Software and physical safe keeping of Root CA secret key are central to
security of a large set of issued certificates.
Are there any safe techniques for handling this problem taking into
account the need to not have the control in the hands of one person
Paul Fraser asked:
#Software and physical safe keeping of Root CA secret key are central to
#security of a large set of issued certificates.
#
#Are there any safe techniques for handling this problem taking into account the
#need to not have the control in the hands of one person?
#
#Any links o
Den 9 jan 2014 00:56 skrev "Paul F Fraser" :
>
> Software and physical safe keeping of Root CA secret key are central to
security of a large set of issued certificates.
> Are there any safe techniques for handling this problem taking into
account the need to not have the control in the hands of one
Software and physical safe keeping of Root CA secret key are central to security of a large set of
issued certificates.
Are there any safe techniques for handling this problem taking into account the need to not have the
control in the hands of one person?
Any links or suggestions of how to hand
13 matches
Mail list logo
