[ksk-change] FIPS-140 levels
S Moonesamy
sm+icann at elandsys.com
Mon Oct 6 23:24:13 UTC 2014
Hi Tomofumi,
At 15:37 06-10-2014, Tomofumi Okubo wrote:
>Yes, that's right but that is if the other security controls
>successfully detects the compromise.
>The mechanism on the HSM will be the last line of defense if the other
>security controls fail for some reason. This is why in the ICANN
>definition, HSM is labelled as Tier 7.
The HSM is currently at Tier 6. If I recall correctly I commented
about that previously. I suggested a change a few months ago. I
am waiting for feedback about the suggestion.
Regards,
S. Moonesamy
More information about the ksk-rollover
mailing list