nCipher netHSM
Nicko van Someren
nicko at ncipher.com
Tue Oct 7 09:51:58 EDT 2003
Ronald,
I can confirm that there is no new code or hardware inside the
"cryptographic boundary" as validated by FIPS compared to the most
recent release of our PCI cards; all necessary changes to the HSM were
put in before the last re-validation of the cards. The UI components
themselves are outside the cryptographic boundary. That said,
communication with the HSM thought the screen and input devices on the
front panel does NOT pass through the computer inside the case but
instead goes through a micro-controller and into the serial port on the
PCI card HSM. This is analogous to the way things have always been
with out smart card readers plugged into the HSM which themselves were
not FIPS certified.
I hope this makes things a little clearer.
Cheers,
Nicko van Someren
CTO, nCipher
On Monday, Oct 6, 2003, at 19:11 Europe/London, R. A. Hettinga wrote:
>
> --- begin forwarded text
>
>
> Status: U
> To: "R. A. Hettinga" <rah at shipwright.com>
> Subject: Re: nCipher netHSM
> From: Ronald Perez <ronpz at us.ibm.com>
> Date: Mon, 6 Oct 2003 13:32:48 -0400
>
>
> This looks like new packaging of an old/previously-announced product.
>
> The NIST FIPS 140 site
> (http://csrc.nist.gov/cryptval/140-1/1401val2003.htm) does not list
> this device as having undergone any FIPS validation. And from the
> pictures and specs, it looks like what they did was to put one of
> their FIPS validated PCI cards into a 1U rack-mount format box --
> along with one or two 10/100 Ethernet connections, an LCD display,
> keyboard input, and some other buttons and knobs (all of which have
> not gone through a FIPS validation no doubt).
>
> -Ron
>
> --- end forwarded text
>
>
> --
> -----------------
> R. A. Hettinga <mailto: rah at ibuc.com>
> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
> 44 Farquhar Street, Boston, MA 02131 USA
> "... however it may deserve respect for its usefulness and antiquity,
> [predicting the end of the world] has not been found agreeable to
> experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list