[14153] in cryptography@c2.net mail archive
Re: fyi: bear/enforcer open-source TCPA project
daemon@ATHENA.MIT.EDU (Rich Salz)
Thu Sep 11 08:42:39 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Thu, 11 Sep 2003 08:37:11 -0400 (EDT)
From: Rich Salz <rsalz@datapower.com>
To: bear <bear@sonic.net>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
In-Reply-To: <Pine.LNX.4.56L0.0309110041350.28357@bolt.sonic.net>
> You propose to put a key into a physical device and give it
> to the public, and expect that they will never recover
> the key from it? Seems unwise.
You think "the public" can crack FIPS devices? This is mass-market, not
govt-level attackers.
Second, if the key's in hardware you *know* it's been stolen. You don't
know that for software.
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
