fyi: bear/enforcer open-source TCPA project
Sean Smith
sws at cs.dartmouth.edu
Thu Sep 11 08:32:47 EDT 2003
>You propose to put a key into a physical device and give it
>to the public, and expect that they will never recover
>the key from it?
It's been on the market for six years now; so far, the foundation
has held up. (We also were darn careful about the design
and evaluation; we ended up earning the first FIPS 140-1 Level 4
cert, but went beyond it in several respects.)
But there are numerous war stories and drawbacks---which is
why I find the new generation of initiatives interesting.
(Particularly since I don't have to build products anymore! :)
> Seems unwise
As does the alternative proposition that one should NEVER, under any
circumstances, have sensitive data or computation on a remote machine.
--Sean
--
Sean W. Smith, Ph.D. sws at cs.dartmouth.edu
http://www.cs.dartmouth.edu/~sws/ (has ssl link to pgp key)
Department of Computer Science, Dartmouth College, Hanover NH USA
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list