On 10/17/2013 1:04 PM, Gervase Markham wrote:
On 17/10/13 00:07, Phillip Hallam-Baker wrote:Each HSM vendor has their own security controls but a FIPS140 level 4 device won't release them except to another FIPS-140 device. There is no way to extract the key from the system unencrypted.Phil: what prevents a government just turning up with such a device and saying "copy your private key into here, please"?
.. and also give us all associated access/credential material.
Thanks, M.D.
Gerv _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
