Hi Anders,
Didn't realize you were on this forum; good to hear from you.
There are business use-cases where key-migration is necessary;
perhaps not so much in the authentication space as in the data
encryption space. It is a critical requirement for some parts
of our business.
Arshad Noor
StrongAuth, Inc.
Anders Rundgren wrote:
> I personally don't believe that Key Migration is a function that has any
> legitimate use outside of a security-lab.
>
> Secure Credential Cloning is an established concept (already used by
> millions of people in Sweden), that can be used to achieve a similar
> effect but without the trauma associated with "opening" containers:
> http://webpki.org/papers/keygen2/secure-key-store.pdf
> (recently upgraded paper)
>
> Key import from a trusted service provider is another method that also
> appears to be more useful than Key Migration.
>
> Anders