[Cryptography] New free TLS CA coming
hanno at hboeck.de
Tue Nov 18 18:47:53 EST 2014
Am Tue, 18 Nov 2014 15:35:21 -0800
schrieb Peter Bowen <pzbowen at gmail.com>:
> Can you suggest a HSM that has open source software? It has to be
> either FIPS 140 Level 3 certificated or certificated to meet EAL5 of a
> Common Criteria Protection Profile.
I made it a habit to trust people more that make their tech transparent
and less if they present me some certification as an argument for
This is probably a clash of worldviews, but past experiences don't give
me the feeling these kinds of certifications have achieved much in
terms of security.
Is there any ruleset that requires such hw for CAs to be certified in a
way that excludes open source? That'd be very strange indeed...
mail/jabber: hanno at hboeck.de
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: not available
More information about the cryptography