>it should be impossible for them (or for nCipher) to do so. Why does it matter?... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

superuser2 on Jan 29, 2015 | parent | context | favorite | on: Amazon Starts Email Service for Companies

>it should be impossible for them (or for nCipher) to do so.

Why does it matter? They can certainly be compelled to use the HSM to decrypt data, even if they can't extract keys.

geekbeast on Jan 29, 2015 [–]

This.

If you aren't doing client-side encryption and keeping the keys private, the server has access one way or another.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact