[Cryptography] New free TLS CA coming

Hanno Böck hanno at hboeck.de
Tue Nov 18 18:47:53 EST 2014

Am Tue, 18 Nov 2014 15:35:21 -0800
schrieb Peter Bowen <pzbowen at gmail.com>:

> Can you suggest a HSM that has open source software?  It has to be
> either FIPS 140 Level 3 certificated or certificated to meet EAL5 of a
> Common Criteria Protection Profile.

I made it a habit to trust people more that make their tech transparent
and less if they present me some certification as an argument for

This is probably a clash of worldviews, but past experiences don't give
me the feeling these kinds of certifications have achieved much in
terms of security.

Is there any ruleset that requires such hw for CAs to be certified in a
way that excludes open source? That'd be very strange indeed...

Hanno Böck

mail/jabber: hanno at hboeck.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141119/241a6fb3/attachment.sig>

More information about the cryptography mailing list