edugain-discuss AT lists.geant.org
Subject: An open discussion list for topics related to the eduGAIN interfederation service.
List archive
- From: Shannon Roddy <sroddy AT internet2.edu>
- To: "edugain-discuss AT lists.geant.org" <edugain-discuss AT lists.geant.org>
- Subject: Re: [eduGAIN-discuss] HSM use cases
- Date: Tue, 26 Mar 2019 21:26:14 +0000
- Accept-language: en-US
- Authentication-results: spf=none (sender IP is ) smtp.mailfrom=sroddy AT internet2.edu;
On 3/19/19 12:44 PM, Alan Lewis wrote:
> 5. Specific HSM requirements for
> 3. Management, connectivity and access mechanisms;
One thing to pay attention to is key management.
Ability to flag a key as non-exportable (if generated outside of the
HSM) or ability to generate a non-exportable key. If the key is
generated on the HSM, and is marked non-exportable, in most cases you
are then locked into that particular HSM solution/vendor. If the key is
generated off-HSM and not able to be marked as non-exportable, one
should come up with compensating controls to prevent export of the key.
Ability to do quorum operations becomes useful in the above case. E.g.
multiple parties need to approve certain operations (e.g. key export,
user management).
-Shannon
- [eduGAIN-discuss] HSM use cases, Alan Lewis, 19-Mar-2019
- Re: [eduGAIN-discuss] HSM use cases, Peter Schober, 26-Mar-2019
- RE: [eduGAIN-discuss] HSM use cases, Alan Lewis, 27-Mar-2019
- Re: [eduGAIN-discuss] HSM use cases, Peter Schober, 27-Mar-2019
- RE: [eduGAIN-discuss] HSM use cases, Alan Lewis, 27-Mar-2019
- Re: [eduGAIN-discuss] HSM use cases, Peter Schober, 27-Mar-2019
- RE: [eduGAIN-discuss] HSM use cases, Alan Lewis, 27-Mar-2019
- Re: [eduGAIN-discuss] HSM use cases, Peter Schober, 26-Mar-2019
- Re: [eduGAIN-discuss] HSM use cases, Shannon Roddy, 03/26/2019
- RE: [eduGAIN-discuss] HSM use cases, Alan Lewis, 27-Mar-2019
- Re: [eduGAIN-discuss] HSM use cases, Muhammad Farhan SJAUGI, 27-Mar-2019
- RE: [eduGAIN-discuss] HSM use cases, Alan Lewis, 27-Mar-2019
- Re: [eduGAIN-discuss] HSM use cases, Peter Schober, 27-Mar-2019
- RE: [eduGAIN-discuss] HSM use cases, Alan Lewis, 27-Mar-2019
- Re: [eduGAIN-discuss] HSM use cases, Muhammad Farhan SJAUGI, 28-Mar-2019
- RE: [eduGAIN-discuss] HSM use cases, Alan Lewis, 28-Mar-2019
- Re: [eduGAIN-discuss] HSM use cases, Peter Schober, 27-Mar-2019
- RE: [eduGAIN-discuss] HSM use cases, Alan Lewis, 27-Mar-2019
- Re: [eduGAIN-discuss] HSM use cases, Guy Halse, 28-Mar-2019
- RE: [eduGAIN-discuss] HSM use cases, Alan Lewis, 28-Mar-2019
- Re: [eduGAIN-discuss] HSM use cases, Peter Schober, 28-Mar-2019
- RE: [eduGAIN-discuss] HSM use cases, Alan Lewis, 28-Mar-2019
- Re: [eduGAIN-discuss] HSM use cases, Peter Schober, 26-Mar-2019
Archive powered by MHonArc 2.6.19.