Re: The "korean bank" use-case

>> AFAICT, this is essentially an improved version of Mozilla's current
>> JS crypto.  That's fine but IMO it doesn't support security HW
>> in a way that makes sense to a bank since there is no way you can
>> assure that keys are stored in HW or SW.
> How can you •assure• that in the first place? Surely you’re always just taking the interface’s word for it, even if it claims to provide such guarantees?

Presumably, this is assured by the fact that the public key is accepted by the remote side?  If the private key is only held in an HSM / smart card, then any crypto operations with that private key are known to be performed within that HSM (assuming that you trust the HSM).  


Received on Monday, 28 November 2011 14:23:35 UTC