On Tue, Apr 21, 2009 at 11:45:18AM -0400, Edward Lewis wrote: > > Suppose that I tightly constrain who reads the database.
Suppose you do. Then you still have the problem of escalation attacks. HSMs are designed to make such attacks impossible: the key simply won't come out. That's a better answer than, "I've set it up so that just about nobody can get to the key", since privilege escalation in database systems is exactly the place good attackers work. I notice in passing that a certain large company who recently bought Sun no longer makes "unbreakable" claims loudly and in public. A -- Andrew Sullivan a...@shinkuro.com Shinkuro, Inc. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
