Our criteria for the CalyxOS signing solution were that it should be: available, affordable, secure, expandable, auditable, redundant, easy to access, and aligned to the mission of the Calyx Institute. These requirements were what led us to choose the HSM solution among available options. Specifically, we selected the YubiHSM2 based on our current urgent development requirements and resources as an interim solution while we evaluate and build out a long-term solution.
3 Likes
To keep our solutions consistent with a seamless transition in the future, we are ensuring that our keys are transferable both operationally and technically, and that CalyxOS users will not need to reflash their devices beyond the initial installation.
So they must also be storing the keys somewhere other than the YubiHSM2. Otherwise that would not be transferable. I wonder how that is secured.
Edit: TIL the YubiHSM has backup functionality. I guess that makes sense Backup and Restore with YubiHSM Backup Keys — YubiHSM 2 User Guide documentation
We would like to respond to concerns people have raised by confirming that CalyxOS hasn’t been compromised and the organization is directing significant resources to get it back on track.
Still wondering why it was off track to begin with though 
1 Like
Atleast the project appears to still be alive. Let’s wait and watch I guess.
Thanks for sharing the update.
A very confidence inspiring 3 month wait time on responding to concerns
3 Likes
related: they had another lead developer leave back in October: tmw 🌈: ""My reading of the privacy policy is different fr…" - IOC.exchange
2 Likes
I’m confused about why Calyx is seemingly not seeking out (a) new director(s). How this organization is run is very confusing to me.