Richard Salz wrote:

The cards that I know about work differently -- you configure them to allow unattended reboot, and then no PIN is involved. This is a little more secure, in that it requires a conscious decision to do this, as opposed to sticking the PIN somewhere on the filesystem.

I'm not sure I'm following, Richard.

All the HSMs I've worked with start their system daemons automatically;
but the applications using them must still authenticate themselves to
the HSM before keys can be used.  How do the cards you've worked with
authenticate the application if no PINs are involved?

Arshad Noor
StrongAuth, Inc.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to

Reply via email to