Paul Fraser asked: #Software and physical safe keeping of Root CA secret key are central to #security of a large set of issued certificates. # #Are there any safe techniques for handling this problem taking into account the #need to not have the control in the hands of one person? # #Any links or suggestions of how to handle this problem?
See Section 16.6 of the Certificate and Browser Forum Baseline Requirements at https://www.cabforum.org/wp-content/uploads/Baseline_Requirements_V1.pdf For devices certified for FIPS 140 at level 3, check out http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm and then search that web page for the appropriate level For Common Criteria EAL 4 or higher, start with http://www.commoncriteriaportal.org/products/ Regards, Joe _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
