Links
OpenDNSSEC Developer Wiki
OpenDNSSEC Documentation
SoftHSM Developer Wiki
SoftHSM Documentation
Current location:
...
Please note: a Common Criteria certification only has value if the Protection Profile is strict enough. Therefore, a Common Criteria certification can only really be trusted if the Protection Profile that was used for the evaluation is checked (this is very difficult for outsiders). Within the EU, the Protection Profile for Secure Signatured Signature Creation Devices (SSCD) (European standard CWA 14169) is a valuable profile for evaluation.
...
Feature | Required/Optional |
PKCS #11 API | Required |
MS CryptoAPI | Not required |
OpenSSL engine support | Not required |
Minimum key size ? ≤ 1024 bits | Required |
Maximum key size ? ≥ 2048 bits | Required |
RSA algorithm support | Required |
DSA algorithm support | Optional |
Symmetric algorithm support (AES, DES, etc.) | Optional |
FIPS 140-2 (level 2 or 3) | Recommended* |
Common Criteria (EAL 4 or up) | Recommended* |
Backup mechanisms | Required |
...