On Thu, Jul 29, 2010 at 10:23 PM, Franck Martin <franck@genius.com> wrote:
Hmmm, from the interview of the British guy, the smart card seems to be in UK (he did a lapsus on it), which differs from what you describe.
You gotta read up on the whole ceremony and their statement of practices: https://www.iana.org/dnssec/icann-dps.txt ... Crypto Officers are different from Recovery Key Share Holders. Crypto officers hold a key to a safe deposit box in the safe room Safe 2, containing the operator cards. "Tier 5" Each vault contains a Tamper-evident bag (TEB) with a smart card required to authenticate with the HSM to perform crypto operations. Those cards don't leave the facility. The operatorscards are only authentication tokens, the key is stored on the hardware security modules. Hardware security modules, and the laptop+DVD+USB Flash stick required to operate them are stored in tamper evident bags in Safe 1. There are 7 crypto officers per site, but only 3 are required to authenticate to the HSM to enable it to perform operations. The recovery key share holders have a key to a bank safety deposit box under _their own_ control, containing a smartcard in tamper-evident bag, holding part of the HSM's internal encryption key. Each RKSH has to provide and maintain records of where they are storing their smartcard. 7 RKSH per site, but only 5 are required for recovery operations. -- -J