Speaking as the voice that questioned HSMs...

At 13:19 +0200 4/27/09, Peter Koch wrote:

o the WG believes that the use of HSMs for DNSSEC KSKs is useful {is
  that useful as in "RECOMMENDED"?} for a certain type of zones ("high
  profile"?) to minimize the risk of an unnoticed key compromise (copy).

I would say "it's useful" not "for a certain type of zone" but in operations where access to the signing machine cannot be sufficiently controlled for one reason or another, where the likelihood that an unauthorized person could gain access to the private key is greater than the threshold of comfort. It's not so much the kind of zone it is, but rather the way the zone is operated/engineered.

I.e., even though I'd question why an HSM is appropriate in some circumstances, I still think they can be useful in a wide range of operational models.

The term "HSM", though, doesn't imply any particular security level
unless some certification is provided.  If the WG would like to make
recommendations here, we should keep in mind who our target audiences are
and how to serve an international readership, especially if the to-be-BCP
should make it into or be referenced by some RFP type document.

Perhaps we should avoid the RFC 5513 "HSM" and just spell it out - a (cryptographic) hardware support module.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis
NeuStar                    You can leave a voice message at +1-571-434-5468

Getting everything you want is easy if you don't want much.
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to