securing FAS certs
Jeffrey Ollie
jeff at ocjtech.us
Thu Aug 21 19:25:17 UTC 2008
On Thu, Aug 21, 2008 at 2:21 PM, Mike McGrath <mmcgrath at redhat.com> wrote:
> On Thu, 21 Aug 2008, Jeffrey Ollie wrote:
>> What about using a crypto card like Jesse plans on using for Sigul?
>
> I've never actually used a crypto card... Do they add additional security
> if they're sitting in a colo always plugged in? If so how do they do
> that?
I'm not sure either, but the impression that I get is that while you
can get the crypto card to sign certificates, you can't extract the
private key from it.
Jeff
More information about the infrastructure
mailing list