On Thu, 21 Aug 2008, Ricky Zhou wrote: > On 2008-08-21 02:21:34 PM, Mike McGrath wrote: > > I've never actually used a crypto card... Do they add additional security > > if they're sitting in a colo always plugged in? If so how do they do > > that? > I might be wrong, but I think with such a card, encryption/signing takes > place entirely on the card, and thus the secret key is never transferred > anywhere off the card. > Ah, so the theory being that if someone happens to hit us, they're only hitting us for as long as the machine is up / card is in. And I assume the card actually tracks serial numbers and things so we can revoke anything that was signed in a questionable time? -Mike _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
