[cabfpub] Why HSMs?

philliph at comodo.com philliph at comodo.com
Sat Mar 25 18:00:14 UTC 2017


Why we have HSMs likely comes down to ‘its the way the NSA did it’. 

I am certain we want to have them and can come up with a number of reasons to justify the rather modest cost compared to everything else we do to run a CA. But we should probably understand the reasons in more detail.

One reason that I think we should look into it is that some recently expired and soon to expire patents and the move the ECDH offer some new and very interesting capabilities that provide additional controls.

http://hallambaker.com/Professional/Architecture/Cryptography/ <http://hallambaker.com/Professional/Architecture/Cryptography/>




> On Mar 25, 2017, at 1:30 PM, Peter Bowen via Public <public at cabforum.org> wrote:
> 
> This week we had a discussion on future signature algorithms, one of the items raised is that we don’t have HSMs that support many of the algorithms and that even if we do, they are not included in FIPS 140-2.
> 
> I wanted to take a step back and ask kind of a stupid question: why do we require HSMs?  Do we have a threat model that was used as input to the decision to require HSMs?
> 
> I’m asking because it seems important to understand how we got to this point before we consider what items we can drop or alter as we look to revise the requirements to support new algorithms.
> 
> Thanks,
> Peter
> 
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170325/65566bbb/attachment-0003.html>


More information about the Public mailing list