From owner-freebsd-security@FreeBSD.ORG Wed Mar 11 21:14:55 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D93801065677 for ; Wed, 11 Mar 2009 21:14:55 +0000 (UTC) (envelope-from esykes@opnet.com) Received: from nc.opnet.com (nc.opnet.com [65.161.183.4]) by mx1.freebsd.org (Postfix) with ESMTP id CD9188FC08 for ; Wed, 11 Mar 2009 21:14:53 +0000 (UTC) (envelope-from esykes@opnet.com) Received: from [172.18.1.50] (mlpc88.opnet.com [172.18.1.50]) by nc.opnet.com (8.13.6/8.12.6) with ESMTP id n2BKxcRP021449; Wed, 11 Mar 2009 16:59:38 -0400 (EDT) Message-ID: <49B8263A.3000006@opnet.com> Date: Wed, 11 Mar 2009 16:59:38 -0400 From: Ed Sykes User-Agent: Thunderbird 2.0.0.19 (Windows/20081209) MIME-Version: 1.0 To: freebsd-security@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-MailScanner: Found to be clean X-MailScanner-SpamCheck: Subject: HSM devices and FreeBSD X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Mar 2009 21:14:56 -0000 I am essentially asking the same question that Eirik Overby asked a couple of years ago. Is anyone aware of PCI-X/PCIe hardware security modules that are supported on FreeBSD? I have not seen any on the FreeBSD hardware compatibility lists. Again, as Eirik noted in his question, HSMs are not simply crypto accelerators (which are supported on FreeBSD), they also are a means of storing keys with physical, tamper-resistant security. Thanks. Ed Sykes