zlacker
[parent]
[thread]
1 comments
1. blabla+(OP)
[view]
[source]
2022-03-05 16:26:08
I don't get why companies that large would bother considering not using HSMs. Basically it's about public-key encryption, even if https is not ideal, it's quite a widespread implementation that can be sufficiently secure for many use cases
replies(1):
>>keving+hy1
◧
2. keving+hy1
[view]
[source]
2022-03-06 03:30:44
>>blabla+(OP)
My understanding is that HSMs are a requirement, and the leaked certificate predates it.
[go to top]