I'm developing a server that implements a stamping server using a key protected by an OCS. The current configuration uses a quorum of 1/3. So when the server is starting, it asks the passphrase of the OCS in order to load the key. The client wants to update the quorum to 3/5. I am wondering do I have to ask for the passphrase of each OCS card in order to load the key in my server or only the passphrase of the last card. Thank you
Asked
Active
Viewed 273 times
1 Answers
1
If you have quorum of 3/5 you will need to input 3 passwords. Each cards has (or should have strong) unique password.
Also, OCS can be genereted as persistent or no-persistent. With persistent OCS you do not need to leave card in reader after starting the application and giving passwords.
pepo
- 8,644
- 2
- 27
- 42