[147211] in cryptography@c2.net mail archive
Re: [Cryptography] PRISM-Proofing and PRISM-Hardening
daemon@ATHENA.MIT.EDU (Christian Huitema)
Wed Sep 18 03:25:51 2013
X-Original-To: cryptography@metzdowd.com
From: "Christian Huitema" <huitema@huitema.net>
To: "'Perry E. Metzger'" <perry@piermont.com>, "'John Kemp'" <john@jkemp.net>
In-Reply-To: <20130917170112.42537010@jabberwock.cb.piermont.com>
Date: Tue, 17 Sep 2013 23:48:40 -0700
Cc: 'Phillip Hallam-Baker' <hallam@gmail.com>, cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
> Given that many real organizations have hundreds of front end
> machines sharing RSA private keys, theft of RSA keys may very well be
> much easier in many cases than broader forms of sabotage.
Or we could make it easy to have one separate RSA key per front end, signed
using the main RSA key of the organization.
-- Christian Huitema
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography