Also, what is to prevent someone interfering with the creation of the certificate that will be embedded in the device (or poor pseudo-random while generating it, etc.), and what would be the cost of replacing the certificate inside the device once/if compromised?
2013/11/12 Andreas Kuckartz <a.kucka...@ping.de> > Hans-Christoph Steiner: > > The crypto smartcard (aka Hardware Security Module) are some work to > setup, > > but not really all that much. And they are easy to use once setup. And > they > > provide a huge boost in the security of the certificate. > > Such hardware also costs a significant amount of money. Are there better > ways to spend money to improve the security ? > > Cheers, > Andreas > > > -- > To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact > listmas...@lists.debian.org > Archive: http://lists.debian.org/5281c93a.8040...@ping.de > > -- GPG: http://is.gd/droope <http://is.gd/signature_>