[Cryptography] Protecting Private Keys
Phillip Hallam-Baker
hallam at gmail.com
Sat Sep 7 16:30:42 EDT 2013
On Sat, Sep 7, 2013 at 10:20 AM, Jeffrey I. Schiller <jis at mit.edu> wrote:
>
> If I was the NSA, I would be scavenging broken hardware from
> “interesting” venues and purchasing computers for sale in interesting
> locations. I would be particularly interested in stolen computers, as
> they have likely not been wiped.
>
+1
And this is why I have been so peeved at the chorus of attack against
trustworthy computing.
All I have ever really wanted from Trustworthy computing is to be sure that
my private keys can't be copied off a server.
And private keys should never be in more than one place unless they are
either an offline Certificate Signing Key for a PKI system or a decryption
key for stored data.
--
Website: http://hallambaker.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20130907/097b0568/attachment.html>
More information about the cryptography
mailing list