Edward Lewis wrote: > In a way, I figure - "if you can read my private key, I have larger > issues to deal with."
The problem is that without an HSM then 'you' becomes open to all kinds of social attacks. When we looked at the problem of disgruntled or bribed employees, HSM (or the equivalent) was the only logical answer. Otherwise the private key can be copied off, probably without your knowledge, by trusted staff. Not necessary in all scenarios, clearly! But I think a paragraph or two in the RFC to alert people to the possibility makes sense. -- Shane _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop