[Opendnssec-develop] Make the keys extractable from HSM?
Roy Arends
roy at nominet.org.uk
Tue Nov 24 08:40:05 UTC 2009
Rickard Bellgrim wrote on 11/24/2009 08:28:10 AM:
> Hi
>
> I remember a discussion we had in Utrecht regarding the wrapping
> functions in PKCS#11. If a key is marked as extractable, you can
> export the key encrypted and then import it into another HSM. You
> must first have a shared symmetric key in each HSM.
>
> We currently have the extractable attribute set to false.
>
> http://trac.opendnssec.org/browser/trunk/OpenDNSSEC/libhsm/src/libhsm.c#L1907
>
> We should still have the keys marked as sensitive, so that the key
> material cannot be revealed in plain text. But my question is
> whether we should have the key extractable or not?
By default, no. Default should be to have it not exportable. Flipping the
'exportable bit' must also be a one-way function. You can switch from
exportable to not exportable, but not from not-exportable to exportable.
In general, keys only need to be exportable when an HSM roll is due. By
that time, a key can be generated that is exportable.
> Just want to discuss this topic, so that we do not lock the user
> down. Or is it better to protect against a potential threat of leaking
> keys?
IMHO it is not a mutually exclusive choice. We need to protect against a
potential threat of leaking keys all the time, but only enable the user to
export the key as an explicit conscious choice.
Roy