I'm developing a server that implements a stamping server using a key protected by an OCS. The current configuration uses a quorum of 1/3. So when the server is starting, it asks the passphrase of the OCS in order to load the key. The client wants to update the quorum to 3/5. I am wondering do I have to ask for the passphrase of each OCS card in order to load the key in my server or only the passphrase of the last card. Thank you
HSM nCipher: OCS protected key with quorum m/n
334 Views Asked by ferjani At
1
There are 1 best solutions below
Related Questions in DIGITAL-SIGNATURE
- add attribute to signature xml in java
- WinVerifyTrust error code handling
- is PdfPKCS7.loadCacertsKeyStore() deprecated
- Trouble verifying XML signature with XmlDsigExcC14NTransform and InclusiveNamespaces
- Digital Signature in java / android (RSA keys)
- Digital signature tab not seen for executable developed in VC in VS2005 IDE using /keyfile and /LN as additional option in linker
- Restamping CAdES-A using Digital Signature Service from joinup.ec.europa.eu.
- What are the services available to manage digital signature?
- Error in digital signature
- Is there a standard on how to sign primitive types?
- Should elliptic curve for public key generation and signature computation be the same?
- Sign a file with SSL certificate for iOS "Shared Web Credentials" API
- In gpg, "decrypting" a signed message without the public key
- How to avoid SIGABRT when generating RSA Signature at EVP_SignFinal
- How to digitally sign PDF document using iTextSharp with PKCS7 standard (.cer)
Related Questions in HSM
- Using Amazon KMS service on Heroku
- How to generate certificate if private key is in HSM?
- Form a key from encrypted component thales command
- Error in digital signature
- How is private key read out from a PKCS#11 module in openSSL?
- Exception while file signing using HSM and SUNPKCS11
- Using Key object handle in PKCS#11
- ‘pgp_sym_encrypt’ and ‘pgp_sym_decrypt’ mechanism with HSM (hardware security module)
- HSM Support in Azure API management
- PKCS11 - SHA1HMAC yields a different SHA1HMAC result
- Signing an XML using pkcs11 Wrappers in JAVA
- ARQC/ ARPC Validation for CVN 14
- Does Azure Key Vault service support PKCS#11?
- How to register my own algorithm to Linux crypto API for user mode apps
- PIN Block translation on thales HSM not working
Related Questions in NSHIELD
- Will the Pkcs11Interop Cryptoki application, which is registered as HSM client to more than one HSMs) detects and sends requests to active HSM
- Keystore generation Entrust HSM not working
- HSM nCipher: OCS protected key with quorum m/n
- .Net Crypto Service Provider error using nShield HSM
- Java code for nShield Connect
- nCipher Using KeySafe generated AES Key in java
- How to wrap Microsoft RSA key blob in HSM
- using the ncipher CSP with the MSCAPI to do AES encryption
- Getting java IAIK PKCS11 wrapper work for nfast
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
If you have quorum of 3/5 you will need to input 3 passwords. Each cards has (or should have strong) unique password.
Also, OCS can be genereted as persistent or no-persistent. With persistent OCS you do not need to leave card in reader after starting the application and giving passwords.