Subject: Policy-Discussion
List archive
- From: <Lambert.Hofstra AT ins.com>
- To: <cacert-policy AT lists.cacert.org>
- Subject: RE: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification
- Date: Mon, 20 Feb 2006 11:38:32 -0000
- List-archive: <http://lists.cacert.org/cgi-bin/mailman/private/cacert-policy>
- List-id: Policy-Discussion <cacert-policy.lists.cacert.org>
> The certificate machine is nearly completely offline, has no network stack
> on
> it, there is no SMTP there ...
> The keys on it only leave the machine on encrypted backup media.
Encrypted backup media is for backup purposes only. Most of the time this is
floppy (not good, can be copied) or smartcard. I do not know what hardware is
used, but normally the smartcards with encrypted backup keys cannot be
copied, therefore you have control over who has access to the encrypted keys.
This is not the case with floppies: you need constant dual control over both
physical and logical access to that floppy, to ensure no copy is made.
The 2/4 scheme is an authentication mechanism (you can perform action "x"
when at least 2 out of 4 individuals (or better: the corresponding personal
authentication tokens, most probably a cert on a smartcard)) are present
>
> The question is, whether it really helps in the end.
> (Security vs. Availability tradeoff)
Are you telling me that my CAcert certificate is almost worthless because
availability is deemed more important than Security? ;-)
Lambert Hofstra
> -----Original Message-----
> From:
> cacert-policy-bounces AT lists.cacert.org
> [mailto:cacert-policy-
> bounces AT lists.cacert.org]
> On Behalf Of Philipp Gühring
> Sent: 20 February 2006 12:03
> To: Policy-Discussion
> Subject: Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control
> Specification
>
> Hi,
>
> > This makes me wonder if it would be possible to have a key generator
> > somewhere that would split it into a 2/4 share scheme before ever
> > letting it leave the box -- preferably one that would do all the
> > encryption necessary to send via S/MIME to each of the employees, as
> > well as talking to the SMTP server to do so.
>
> The certificate machine is nearly completely offline, has no network stack
> on
> it, there is no SMTP there ...
> The keys on it only leave the machine on encrypted backup media.
>
> But perhaps 2/4 shared encrypted backups are an idea.
>
> The question is, whether it really helps in the end.
> (Security vs. Availability tradeoff)
>
> Best regards,
> Philipp Gühring
>
> _______________________________________________
> Have you subscribed to our RSS News Feed yet?
>
> CAcert-Policy mailing list
> CAcert-Policy AT lists.cacert.org
> http://lists.cacert.org/cgi-bin/mailman/listinfo/cacert-policy
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, (continued)
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Ian G, 02/20/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Kyle Hamilton, 02/20/2006
- RE: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Lambert.Hofstra, 02/20/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Kyle Hamilton, 02/20/2006
- RE: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Peter Williams, 02/20/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Duane, 02/20/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Kyle Hamilton, 02/21/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Duane, 02/21/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Philipp Gühring, 02/21/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Ian G, 02/21/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Philipp Gühring, 02/21/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Duane, 02/21/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Kyle Hamilton, 02/21/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Duane, 02/20/2006
- RE: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Lambert.Hofstra, 02/20/2006
- RE: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Lambert.Hofstra, 02/20/2006
- RE: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Lambert.Hofstra, 02/20/2006
- RE: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Lambert.Hofstra, 02/20/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Kyle Hamilton, 02/20/2006
- RE: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Lambert.Hofstra, 02/20/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Ian G, 02/21/2006
- RE: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Lambert.Hofstra, 02/20/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Ian G, 02/21/2006
- RE: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Lambert.Hofstra, 02/20/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Duane, 02/20/2006
- Re: [CAcert-Policy] [FIRSTREVIEW] Configuration Control Specification, Ian G, 02/20/2006
Archive powered by MHonArc 2.6.16.