[Cryptography] HSM's to be required for Code Signing Certificates
Peter Bowen
pzbowen at gmail.com
Fri Jan 27 00:27:31 EST 2017
On Thu, Jan 26, 2017 at 7:49 PM, Peter Gutmann
<pgut001 at cs.auckland.ac.nz> wrote:
> Henry Baker <hbaker1 at pipeline.com> writes:
>
> This seems a lot like security by press release, if you look at the changes:
>
>>The guidelines include several new features that will help businesses defend
>>their IT systems and information stores from cyber-attacks, including:
>>
>>* Stronger protection for private keys: The best practice will be to use a
>>***FIPS 140-2 Level 2 HSM*** or equivalent. [...] Therefore, companies must
>>either ***store keys in hardware*** they keep on premise hardware, or in a
>>new secure cloud-based code signing cloud-based service.
>
> Since level 2 HSMs are expensive, not so easy to find, and a pain to use,
> companies are probably going to take the other option of moving their keys
> into the cloud. So instead of having the key on an, at least in theory,
> isolated machine on a private LAN it's now in the cloud. Wonderful.

There is a third option allowed:

"Another type of hardware storage token with a unit design form factor
of SD Card or USB token (not necessarily certified as conformant with
FIPS 140 Level 2 or Common Criteria EAL 4+). The Subscriber MUST also
warrant that it will keep the token physically separate from the
device that hosts the code signing function until a signing session is
begun."

No HSM or cloud required.