Displaying 1 result from an estimated 1 matches for "15t11".
Did you mean:
1511
2016 Jan 15
4
Proposal: always handle keys in separate process
How about using the existing OpenSSH client's PKCS#11 support to
isolate keying material in a dedicated process?
A similar approach, "Practical key privilege separation using Caml
Crush", was discussed at FOSDEM'15 with a focus on
Heatbleed [1][2] but the ideas and principles are the same.
Now this is easily done using the following available components:
- SoftHSM to store