[Cryptography] New free TLS CA coming

[Hanno Böck]

Am Tue, 18 Nov 2014 15:35:21 -0800
schrieb Peter Bowen <pzbowen at gmail.com>:

> Can you suggest a HSM that has open source software?  It has to be
> either FIPS 140 Level 3 certificated or certificated to meet EAL5 of a
> Common Criteria Protection Profile.

I made it a habit to trust people more that make their tech transparent
and less if they present me some certification as an argument for
security.

This is probably a clash of worldviews, but past experiences don't give
me the feeling these kinds of certifications have achieved much in
terms of security.

Is there any ruleset that requires such hw for CAs to be certified in a
way that excludes open source? That'd be very strange indeed...

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno at hboeck.de
GPG: BBB51E42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141119/241a6fb3/attachment.sig>