[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: RFC 2527 Physical Security Controls Question
Timothy Metzinger writes:
> So for you non-government types, would your CA physical security include
> lethal defenses? Can anyone think of any application for a
> non-government CA
> that would require such defenses? I'm not talking about just
> armed guards
> here... I'm talking about defenses that would kill an unauthorized
> individual who entered protected space BEFORE they did any damage besides
> entering that space.
What an utterly bizare idea. This is PKI, not James Bond. Dr No
might require such a security system but I can't see that such a
system would serve any commercial purpose.
I would be very suspicious about any such system. I would see it
as introducing the very serious threat of complacency. I am much
happier trusting concrete and steel than 007 type booby-trap gadgets.
It isn't as if disarming explosive devices is impossible. Security is
a function of the difficulty of disarming preventative devices rather
than the seriousness of a device being triggered.
Besides which I doubt that operating such a system would be legal
in most countries. Burglars don't have many legal rights but in
the UK at least use of lethal force is only permitted in self defence.
Defence of property is not a justification. Anyone building such a
device would (quite rightly) face a murder charge if it went off.
Even in Texas I suspect that the fire dept would have something to
say on the matter.
Rather than kill the attacker it would surely be a much simpler
matter to destroy any cryptographic keying material. This should
not in itself be a problem if there was an equally well protected
disaster recovery site. The principal risk is not destruction of
keying material but theft of keying material - particularly if it
was undetected.
The NSA is rumoured to use explosives in certain crytosystems. My
understanding is that the purpose was to destroy the keying material
and not to kill someone probing.
Phill