ietf
[Top] [All Lists]

Re: DNSSEC is NOT secure end to end (more tutorial than debating)

2009-06-02 20:55:53

In message 
<alpine(_dot_)LFD(_dot_)1(_dot_)10(_dot_)0906022034140(_dot_)22834(_at_)newtla(_dot_)xelerance(_dot_)com>,
 Paul Wou
ters writes:
On Wed, 3 Jun 2009, Masataka Ohta wrote:

You can, for example, bribe a personnel or two, against which there
is no cryptographical protection, which means PKI is weakly secure.

You have never heard of a Hardware Security Module?
 
        HSM doesn't stop the wrong data being signed.  It just stops
        it being signed on machines other that the designated servers.

        Mark

Paul
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka(_at_)isc(_dot_)org
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>