>> My requirements are as I stated and have to compete with Gemalto/Thales for >> feature set: Multiple partition capable (Gemalto Luna EFT for example could >> expand to some 20 paritions or as they see it 20 individual HSM's within the >> same physical box) with providers that talk to OpenSSL and ADCS (Both CAPI >> and CNG, my Microsoft keys are all RSA CNG keys at the moment). Don't need >> the payments stuff (won't be doing DUKPT or any key derivation), just a >> general HSM like the Gemalto Luna Network HSM. Java is a nice to have, I >> don't touch Java.
I'll also want to protect other keys like SSH, SMIME and PGP keys in an HSM. Im not sure yet of my logical break down to segregate the different keys (Dev keys VS UAT keys VS Prod keys), but with the different types of keys I'm looking to protect, that makes a lot of different partitions on one device, the Gemalto Luna Network HSM 7 can do up to 100. those partition licenses don't come cheap. TPS is not an issue, if I get 25TPS to start with, that's more than enough, so long as it's expandable. Use cases are more for authentication and centralization of the authentication keys. I don't code applications so not looking for application key protection. _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
