Do you have an idea or a suggestion for Azure Key Vault based on your experience?

For the Key Vault service, would it be possible to provide FIPS 140-2 Level 3 HSM?

18 votes
Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)

We’ll send you updates on this idea

Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

5 comments

Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
Submitting...
  • Anonymous commented  ·   ·  Flag as inappropriate

    Or at least allow the Key Vault service to proxy requests to/from a FIPS 140-2 Level 3 HSM. The main reason for this would be to allow the PaaS services that currently only consume KMS services from Key Vault to consume services from FIPS 140-2 Level 3 HSMs.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Or at least if only certified to Level 2, verify if tamper detection/response meet level 3 requirements/etc. so even if cannot certify to level 3, try to verify components of level 3 you can meet and document and share that info.

  • John commented  ·   ·  Flag as inappropriate

    Support for HSM 1.3 is required by our financial service clients. We will be forced to use Amazon AWS if Microsoft does not offer this option.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Level 2 only meets some trust of the trust scheme requirements and fails to met others scheme requirements. Amazon AWS offers FIPS 140-2 Rod level 3 HSMs!

Feedback and Knowledge Base