@ashk4n bookmarklets defeat the browser security model much like running setup.exe
-
-
@bascule@BrendanEich@ashk4n ever put a passphrase on a production SSL cert? :) -
@dakami@BrendanEich@ashk4n no, but TLS aside we keep our encryption keys for sensitive data airgapped: http://www.slideshare.net/diogomonica/bletchley … -
@bascule@dakami@BrendanEich@ashk4n Yikes, those are some real disadvantages. Especially the cross-DC problem. -
@grittygrease@dakami@BrendanEich@ashk4n cross-DC problem is solvable, and HSMs are a PITA but certainly help pass PCI audits ;) -
@bascule@dakami@BrendanEich@ashk4n But why a centralized HSM service instead of a distributed service based on low cost TPMs? -
@grittygrease Bletchley is decentralized with no single point of failure. See the note at the end of slide #33 /cc@dakami -
-
@grittygrease@dakami you don't really have any other option if you want to keep the key airgapped - 9 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.