[Open Crypto Project] #61: Finish libhal login state access control checks

Open Crypto Project trac at cryptech.is
Fri Jun 17 04:41:07 UTC 2016

Previous message (by thread): [Open Crypto Project] #60: PKCS11 needs to reload its notion of keystore state on startup
Next message (by thread): [Open Crypto Project] #50: Release engineering
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

#61: Finish libhal login state access control checks
--------------------+----------------------------------------
 Reporter:  sra     |       Owner:  sra
     Type:  defect  |      Status:  new
 Priority:  major   |   Milestone:  Alpha board DNSSEC signer
Component:  HAL     |     Version:
 Keywords:          |  Blocked By:
 Blocking:          |
--------------------+----------------------------------------
 libhal has a notion of login state, but there are still parts of libhal
 which don't check it before granting access to sensitive resources (like
 private keys).  This is separate from (or in addition to) the PKCS 11
 semantics: PKCS 11 lives on the host, so the HSM can't trust PKCS 11 to
 make authorization decisions for it.

--
Ticket URL: <https://trac.cryptech.is/ticket/61>
Open Crypto Project <https://wiki.cryptech.is/>

Previous message (by thread): [Open Crypto Project] #60: PKCS11 needs to reload its notion of keystore state on startup
Next message (by thread): [Open Crypto Project] #50: Release engineering
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Ticket-BCC mailing list