Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 4 Jan 2018 11:20:18 -0500
From:      Eric McCorkle <eric@metricspace.net>
To:        Mike Tancsa <mike@sentex.net>, "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>
Subject:   Re: Potential band-aid for Meltdown
Message-ID:  <b117d7af-868f-3a7a-a84b-7b9f45bce464@metricspace.net>
In-Reply-To: <599c8fe0-3745-2fa8-4bd6-d89f061f29f4@sentex.net>
References:  <30300a34-d0d9-efbf-c9b3-6375703f65a0@metricspace.net> <599c8fe0-3745-2fa8-4bd6-d89f061f29f4@sentex.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On 01/04/2018 10:58, Mike Tancsa wrote:
> On 1/4/2018 10:27 AM, Eric McCorkle wrote:
>> I was thinking over meltdown mitigations this morning, and a thought
>> occurred to me (which falls in line with general ideas I've been pursuing)
> 
> A pretty neat idea.  But in terms of keeping crypto keys safe, why not
> something behind a pkcs11 interface (e.g. eToken) or tpm ?

If you have them (and trust the vendors), sure.  My thinking here is for
folks with laptops or commodity hardware, who want some measure of
security while waiting for fixed hardware to come out.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b117d7af-868f-3a7a-a84b-7b9f45bce464>