On 25/09/14 22:33, Matt Palmer wrote: >> * Client certs can be invisibly stolen if a machine is compromised > > Well, the cert is quasi-public information, so it doesn't matter if they get > stolen, invisibly or otherwise. The private key, on the other hand... > <grin> But at any rate, just stick the key/cert in a USB HSM. Problem > solved.
Right. That does make it better from this perspective, but a) there is a risk (depending on design) that key ops can be done without your knowledge as long as the key is plugged in, and b) surely this just adds to the system any disadvantages a widget might have? But, yes, many other good points. I am being enlightened :-) Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
