[Cryptech Tech] Question regarding Trusted Path Authentication

Randy Bush randy at psg.com
Fri Dec 19 10:08:07 UTC 2014


> One example of what's in store for someone wanting to use a threshold
> scheme with an HSM presented itself during the key ceremony used to
> initialise the DNSSEC root key for a country.  After several full-day
> dress rehearals of setting up the key, the organisers had condensed
> things down to a 500-step checklist (that's not a misprint).  Even
> after all of the dress rehearsals, it still took a full day to run
> through, with the four-hour process of setting up the HSM being the
> single longest step.  Since no-one could enter or leave the secure
> area while they were waiting for the process to complete, the most
> important take-away from for next time was "bring boardgames".

not include food and toilet within the secure perimeter?  :)

randy


More information about the Tech mailing list