[Opendnssec-develop] Make the keys extractable from HSM?

Rick van Rein rick at openfortress.nl
Wed Dec 2 12:27:30 UTC 2009


Hey Rickard,

You brought up a good point:

> If a key is marked as extractable, you can export the key encrypted and then import it into another HSM.
> 
> We currently have the extractable attribute set to false.
> 
> We should still have the keys marked as sensitive, so that the key material cannot be revealed in plain text. But my question is whether we should have the key extractable or not?

I agree that this makes sense.  Even though HSM manufacturers may go under
the PKCS #11 level to duplicate private keys, it is still good to support
standards-compliant HSMs as well.

Can you point me at the definition of "extractable"?  I cannot seem to
find it in the spec.

If we do this, we should add CKA_ALWAYS_SENSITIVE to prevent the newly
imported key from ever having CKA_SENSITIVE reset.

> Just want to discuss this topic, so that we do not lock the user down. Or is it better to protect against a potential threat of leaking keys?

If properly implemented, it should not be a leak, right?
And I doubt we want to protect users against bad implementations.


Cheers,
 -Rick
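The export/import flow and attribute rules discussed above, as an added example that is not part of this thread or of OpenDNSSEC: a constructed Python model of a PKCS #11 key object carrying CKA_SENSITIVE, CKA_EXTRACTABLE and the token-maintained CKA_ALWAYS_SENSITIVE / CKA_NEVER_EXTRACTABLE, with C_WrapKey / C_UnwrapKey stand-ins. The attribute rules follow the PKCS #11 specification as I read it (sensitive only goes FALSE to TRUE, extractable only TRUE to FALSE, unwrapped keys never get the "always/never" flags); the XOR "wrap" is a placeholder for a real wrap mechanism and the key bytes are made up.

```python
# Constructed model of PKCS #11 key attribute rules; not OpenDNSSEC or any HSM's code.
from dataclasses import dataclass, field


@dataclass
class Pkcs11Key:
    value: bytes                 # key material as held inside the token
    sensitive: bool              # CKA_SENSITIVE: plaintext value may never leave the token
    extractable: bool            # CKA_EXTRACTABLE: key may leave the token, wrapped only
    origin: str = "generated"    # "generated" (C_GenerateKey*) or "unwrapped" (C_UnwrapKey)
    always_sensitive: bool = field(init=False, default=False)   # CKA_ALWAYS_SENSITIVE, read-only
    never_extractable: bool = field(init=False, default=False)  # CKA_NEVER_EXTRACTABLE, read-only

    def __post_init__(self):
        # The token records history: a key that ever existed outside this token
        # (unwrapped/imported) cannot claim ALWAYS_SENSITIVE or NEVER_EXTRACTABLE.
        self.always_sensitive = self.sensitive and self.origin == "generated"
        self.never_extractable = (not self.extractable) and self.origin == "generated"

    def set_attribute(self, name, value):
        # Monotonic rules: CKA_SENSITIVE may only go FALSE->TRUE,
        # CKA_EXTRACTABLE may only go TRUE->FALSE.
        if name == "CKA_SENSITIVE":
            if self.sensitive and not value:
                raise PermissionError("CKR_ATTRIBUTE_READ_ONLY")
            self.sensitive = value
        elif name == "CKA_EXTRACTABLE":
            if not self.extractable and value:
                raise PermissionError("CKR_ATTRIBUTE_READ_ONLY")
            self.extractable = value
        else:
            raise ValueError("unsupported attribute " + name)

    def get_value(self):
        # C_GetAttributeValue(CKA_VALUE): refused for sensitive keys.
        if self.sensitive:
            raise PermissionError("CKR_ATTRIBUTE_SENSITIVE")
        return self.value


def wrap_key(key, kek):
    # C_WrapKey: only extractable keys may leave, and only in encrypted form.
    if not key.extractable:
        raise PermissionError("CKR_KEY_UNEXTRACTABLE")
    return bytes(a ^ b for a, b in zip(key.value, kek))  # XOR stands in for a wrap mechanism


def unwrap_key(blob, kek, sensitive=True, extractable=True):
    # C_UnwrapKey on the destination HSM; the template sets the new key's attributes.
    value = bytes(a ^ b for a, b in zip(blob, kek))
    return Pkcs11Key(value, sensitive, extractable, origin="unwrapped")
```

Marking the migrated key sensitive again on the destination keeps its plaintext unreadable there, but its CKA_ALWAYS_SENSITIVE stays false, which is how a token records that the key once travelled.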


