[146764] in cryptography@c2.net mail archive
Re: [Cryptography] Protecting Private Keys
daemon@ATHENA.MIT.EDU (Jim Popovitch)
Sat Sep 7 16:39:44 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <20130907142052.GA4889@jis.tzo.com>
Date: Sat, 7 Sep 2013 15:46:10 -0400
From: Jim Popovitch <jimpop@gmail.com>
To: "Jeffrey I. Schiller" <jis@mit.edu>
Cc: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On Sat, Sep 7, 2013 at 10:20 AM, Jeffrey I. Schiller <jis@mit.edu> wrote:
> One of the most obvious ways to compromise a cryptographic system is
> to get the keys. This is a particular risk in TLS/SSL when PFS is not
> used. Consider a large scale site (read: Google, Facebook, etc.) that
> uses SSL. The private keys of the relevant certificates needs to be
> literally on hundreds if not thousands of systems.
$5k USD to anyone one of the thousands of admins with access....
-Jim P.
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
