On 13/10/2016 04:36, 谭晓生 wrote:
The HSM is stored offline, in the Vault of Qihoo 360’s head quarter, a little 
bit surprised by this question, I don’t know if there other CAs put their Root 
Certificates online?
If anybody have evident to say “Wosign have the private key of StartCom”, 
please show us here.

Thanks for that information.  Your previous post saying the "PKI
server" was completely duplicated at WoSign HQ without saying that
server did not contain the the private key was what made me ask about
that possibility.

For additional clarification, the HSM that is only in the Qihoo 360 HQ
vault, is this the HSM for the StartCOM CA root, and/or the HSM for the
Intermediary certificates?


Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
dev-security-policy mailing list

Reply via email to