[Cryptography] [cryptography] Show Crypto: prototype USB HSM

Ron Garret ron at flownet.com
Wed Apr 13 12:40:47 EDT 2016


On Apr 13, 2016, at 8:56 AM, Tony Arcieri <bascule at gmail.com> wrote:

> On Wed, Apr 13, 2016 at 2:06 AM, Thierry Moreau <thierry.moreau at connotech.com> wrote:
> Who wants to be optimistic with respect to threat models in the current IT landscape?
> 
> I prefer to be realistic about threats, especially when UX tradeoffs are involved 

Everyone needs to choose their own risk posture, and different applications have different needs.  There are certainly people out there for whom Yubikeys are adequate, and for whom the SC4-HSM won’t make sense.  But I believe that there are applications and not-entirely-unreasonable risk postures for which a Yubikey might not be adequate.  If nothing else, having a programmable USB dongle with a display makes kind of a cool toy to noodle around with.

Tony: I really don’t mind negative feedback when it’s constructive.  In fact, I very much appreciate it.  But I’m really having a hard time discerning a constructive purpose in your critique.  What exactly do you think that I should be doing differently?  Change the design?  Give up and join you in being an evangelist for Yubikeys?  Something else?  I really don’t get it.

rg

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160413/036d2418/attachment.html>


More information about the cryptography mailing list