On 10/2/2014 1:42 PM, Bolivar, Al wrote:
I would like to add that I support the addition of another vendor. Tomofumi and I spoke to another vendor about introducing a competing FIPS 140-2 level 4 HSM. In my opinion having other choices will be positive.
Thanks,
Al
One of my pet peeves with the HSM vendors is that none of them provide more than rudimentary policy controls on the use of keys. I keep waiting for someone to make an HSM that implements either the Javacard Connected standards or something similar so I can define a programmatic policy wrapper more comprehensive than "I need a PIN to use it" "I need two PINs to use it" "I need a smart card to use it" etc. I can do this on a smart card, why is it so hard to do it on a big iron HSM? Mike