Where exactly am I speculating?

On 17.10.2013 at 01:07, Phillip Hallam-Baker <[email protected]> wrote:

> On Wed, Oct 16, 2013 at 5:26 PM, Oliver Loch <[email protected]> wrote:
>
>> Hi,
>>
>> these devices are nothing else than a modified server that runs some
>> special OS or services on them. The keys are stored inside and can be
>> transferred for backup or clustering reasons. So there are at least two
>> ways to get your fingers on those keys, even if they are still encrypted.
>> The password for decryption needs to be known to be able to restore the
>> backup on a vanilla system (and I don't think all systems of one vendor use
>> the same password on all of them and for every backup).
>>
>> I also think that bigger CAs have multiple devices in at least two
>> different locations to prevent any kind of physical damage to the CA like
>> fire, power outage, missiles from NSA drones (ok, I admit the last one is a
>> bit sci-fi, isn't it?).
>>
>
> Rather than speculate, try reading the Certificate Practices Statements of
> the CAs. They all describe how the private keys are managed.
>
> Each HSM vendor has their own security controls but a FIPS140 level 4
> device won't release them except to another FIPS-140 device. There is no
> way to extract the key from the system unencrypted.
>
>
> --
> Website: http://hallambaker.com/
> _______________________________________________
> dev-security-policy mailing list
> [email protected]
> https://lists.mozilla.org/listinfo/dev-security-policy

