As I can see, lurk charter is quite specific. Cryptech product could be somewhat used for lurk goals but is not limited to it. Hope to discuss it during IETF95.
dol@ с iPad > 19 марта 2016 г., в 22:07, Randy Bush <ra...@psg.com> написал(а): > > Date: Sat, 19 Mar 2016 13:53:56 -0400 > Subject: LURK as interface to HSM > From: Phillip Hallam-Baker <ph...@hallambaker.com> > To: Randy Bush <ra...@psg.com> > > Randy, > > This is my proposal for LURK > > https://tools.ietf.org/html/draft-hallambaker-lurk-00 > > The reason I think it is relevant to your HSM work is that it is > essentially a standardized remote API for a HSM. > > I will be putting the code up on github 'soon'. > > Stephen Farrell's LURK vision seems to be that the TLS server is > talking to some service in the cloud. I suspect that is the wrong > model and what is really wanted here is a deployment model where I can > buy a HSM box of my choice, configure it to bind it to my trust nexus > and then ship it off to the Content Delivery Network to sit in the > same data center as my server. > > Which is a proposal I have wanted for a long time but wasn't feasible > without a suitable HSM device. This is a model that could establish > the demand necessary for production. > > Alternatively, I want to be using a similar model for code signing. > Selling a HSM to keep the code signing keys safe is essentially the > 'do you want fries with that' upsell for code signing certificates. > _______________________________________________ > Tech mailing list > Tech@cryptech.is > https://lists.cryptech.is/listinfo/tech _______________________________________________ Tech mailing list Tech@cryptech.is https://lists.cryptech.is/listinfo/tech
