[tor-talk] Recommended private key management and recovery
i at virgil.gr
Thu Jul 16 05:28:09 UTC 2015
I have an operations question for those in high-security orgs:
* How do you manage your private keys?
* How do you recover from a key-compromise?
I ask because there's talk among Singaporean financial tech firms
about migrating to more transparent (yay!) blockchain-based
cryptoledgers, but a sticking point for management is how to reliably
recover from theft of private keys. I understand there exist
real-world practices like cold-storage as well as cryptographic
practices like requiring a quorum of n keys and then regenerating a
stolen key from the quorum. However, I am seeking something more
concrete for how it all fits together. And I figured that if any
group of people both competent and transparent enough to discuss this,
I am currently under the impression that this is a largely-solved
problem, but often requires domain-specific knowledge/techniques.
Ergo, I ask. A paragraph or two overview of the gist would be fine.
Whatever you write I will probably polish into something non-h4x0rs