[148357] in cryptography@c2.net mail archive
Re: [Cryptography] Kindle as crypto hardware
daemon@ATHENA.MIT.EDU (Mark Seiden)
Wed Dec 4 18:03:00 2013
X-Original-To: cryptography@metzdowd.com
From: Mark Seiden <mis@seiden.com>
In-Reply-To: <20131204185800.GA4118@order.stressinduktion.org>
Date: Wed, 4 Dec 2013 14:49:51 -0800
To: Hannes Frederic Sowa <hannes@stressinduktion.org>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>,
Phillip Hallam-Baker <hallam@gmail.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On Dec 4, 2013, at 10:58 AM, Hannes Frederic Sowa <hannes@stressinduktion.o=
rg> wrote:
...
> =
> Btw. does someone know cheap HSMs? The cheapest one I found was the
> yubikey HSM and it doesn't have good support for x.509 key management.
> =
just to add some possibly interesting grist to your mill, rick lamb recentl=
y has done some excellent engineering work
in making a cheap HSM for DNSSEC signing described incompletely in =
TPM, The Poor Man's HSM =96 Richard Lamb, ICANN
early slides (2012):
http://ccnso.icann.org/file/32383/download/37379
later slides (2013) starting at page 10:
http://durban47.icann.org/meetings/durban2013/presentation-dnssec-set-forge=
t-lamb-15jul13-en.pdf
https://twitter.com/Deploy360/status/357470380455256064
the device could comply with fips 140 level 4, if only anyone were willing =
to pay the $200k in certification
costs for a device that costs $50 in parts cost to make...
rick needs a low volume low cost engineering channel. (i suggested lady ada=
, for example, but i=92m not sure =
it can fit in an altoids box.) maybe this would be a good kickstarter proj=
ect?
(i=92m cc-ing him on this also as i don=92t know about status more recent t=
han 4 months ago and there may be
a more complete description of the device available at this point=85)
> Greetings,
> =
> Hannes
> =
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography