Hi,I was on holidays for quite a while and now I clean my mailboxes. So the comment is only for completeness.
Andreas Thienemann schrieb:
On Wed, 11 Apr 2007, Alexander Klink wrote:I remember your presentation on the 23C3 where you showed some cases so IThat was probably Micha's part :)Mhm. Not sure. Who was the first speaker?
I was the first speaker.
sub-cas are not created every day. Another problem would be the relatively small keylength of 2048bit on the smartcard while current suggestions expect 4096bits. But the key would be tamperproof and removable. With a pin-pad reader it's also not network-accessible and can be locked away in a safe if not in use.
Be sure that you really need 4096 bits. Many VPN boxes especially from Cisco only support 2048.
Michael -- _______________________________________________________________ Michael Bell Humboldt-Universitaet zu Berlin Tel.: +49 (0)30-2093 2482 ZE Computer- und Medienservice Fax: +49 (0)30-2093 2704 Unter den Linden 6 [EMAIL PROTECTED] D-10099 Berlin _______________________________________________________________ X.509 CA Certificates / Wurzelzertifikate http://ra.pki.hu-berlin.de
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
