[Cryptography] What if your CA's HSM was an Android tablet?
Martin Rublik
martin.rublik at gmail.com
Thu Mar 26 05:02:15 EDT 2015
On 26. 3. 2015 2:57, Peter Gutmann wrote:
> One of the interesting points in this week's regularly-scheduled browser PKI
> debacle was that the (intermediate) CA that issued the Google MITM certs was
> using a Palo Alto firewall as an HSM.
Irony is that Palo Alto supports putting the CA's private key in a network
attached HSM :). Moreover, the HSM can run in FIPS 140-2 L3 mode.
https://live.paloaltonetworks.com/servlet/JiveServlet/previewBody/6602-102-7-24721/PAN-OS-6.0-new-features.pdf
M.
More information about the cryptography
mailing list