[Cryptech Tech] LURK as interface to HSM

Leif Johansson leifj at sunet.se
Sat Mar 19 22:55:00 UTC 2016


On 2016-03-19 23:49, Peter Gutmann wrote:
> Randy Bush <randy at psg.com> quotes:
> 
>> This is my proposal for LURK
> 
> What's the value proposition for this?  We've already got PKCS #11 which is
> widely supported and has been around forever, and if you want key management
> there's KMIP which is also (probably) widely supported.  I guess it's fun to
> design a new protocol like this, but what's the value proposition?
> 

I can't speak to Phils motivation but pkcs11 is a bitch to work
with, esp in any language where dlopen doesn't come naturally

If that isn't enough, compatibility among p11 tokens is highly
variable.

Incidentally me and Stephen proposed this sort of thing a few
years ago in an IRTF draft and Stephen Kent had exactly the same
reaction :-)

	Cheers Leif




More information about the Tech mailing list