-
Hierarchical state machines are a great improvement to FSMs, have you seen them before? Also known as UML statecharts.
-
This should include all blackboard variables and the current running indexes of any composite nodes, as well as the current running state of any HSMs. This would allow developers to dump the state of …
-
We've been using two different SAML libraries:
- https://github.com/russellhaering/gosaml2 to implement Teleport service provider
- https://github.com/crewjam/saml/ to implement Teleport identity pr…
-
A configurable key storage backend (plain files, OpenPGP smartcard, PKCS#11 token/HSM, etc.) would greatly benefit the underlying security model of `sbctl` and would enable integration into larger PKI…
-
I'm just opening this issue for discussion of whether the current algorithms preclude support for signing by an HSM (hardware security module) or other types of key vaults.
Some questions that come…
-
notary implements the PKCS11 interface so it should be possible to integrate to other HSMs such as CloudHSM and Nitrokey
-
The NCSSRs should state that the private signing keys for all OCSP responders must be protected in an HSM, as opposed to, for example, storage of OCSP private signing keys in software, which would be …
-
/kind feature
**Description**
Currently it is possible to sign images using OpenPGP. While OpenPGP is supported by security keys like YubiKey (https://www.yubico.com/products/) or Nitrokey (https:…
-
## Current situation
Systemd does not support PKCS11 URIs.
```
$: sudo systemd-cryptenroll --pkcs11-token-uri=list
PKCS#11 tokens not supported on this build.
```
## Implementation options…
-
Pyff's memory requirements are ridiculous, and not suitable for the SC docker environment. Therefore, let's just replace Pyff by a simple bash script that selects the correct entities and resigns the…