In your previous mail you wrote:

=> there are places where cryptography is required to be implemented in hardware, and many business reasons or even regulations which mandate HSMs.

   But the risk for the key is not only people modifying it, it is simply people *reading* it (a concern which also exists for the database but is much less important). I have no practical experience with HSMs but, in my mind, the interesting thing is that they guarantee no one will read the key without an authorization (that's quite unlike the database where you certainly prefer a few unauthorized looks to a complete loss).

=> the main function of an HSM is to provide a key store where private keys may not and cannot be extracted (i.e., not only the operation is not allowed but the device is protected against common up to all known ways to extract protected values). So it is possible to misuse an HSM, for instance to make it sign something, but the keys can't leak.

In conclusion, when HSMs are not an excuse to forget to carefully manage DNSSEC servers, I have nothing at all against HSMs...

Regards

francis.dup...@fdupont.fr

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop