Hi We have written a review of four different HSM:s (AEP, Safenet, Thales, and Utimaco) with focus on creating signatures for DNSSEC with the PKCS#11 interface. Other topics was also addressed like the security model, administration, and backup/HA-mode.
It is typically TLD:s that uses HSM:s for DNSSEC, but others are probably more interested in some cheaper alternatives but still be sure that the keys are stored safe. We were wondering if there would be someone willing to continue this work but focusing on alternatives like smartcards and USB-tokens. You can read the full report here: http://www.opendnssec.org/wp-content/uploads/2011/01/A-Review-of-Hardware-Security-Modules-Fall-2010.pdf Thanks // Rickard _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
