Hi, > I'm searching some info to choose a Cryptografic Token ( >= 2048 bit > keys and possibly CC EAL4 ) to store the root CA and 10 sub-CA > certificate. > I have seen that OpenCA fully supports LunaCA3 but is much expensive for > us, > then we have searched a usb token OpenSSL compliant with the > characteristics > described but we haven't found anything.
apart from the Luna HSM OpenCA also supports nCipher nShield and OpenSC compatible tokens. If I am not totally mistaken then you should NOT use a SmartCard or USB based token because these are lacking some features needed for serious CA operation (such as key backup and recovery, dual control etc.). We are running nCipher nShields without any problems, but the price tag is comparable to the Luna tokens. Martin ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
