[Opendnssec-develop] HSM vendors and common key attributes
Roland van Rijswijk
roland.vanrijswijk at surfnet.nl
Tue Dec 2 13:25:21 UTC 2008
> Are you able to list, and maybe eventually participate to test, the HSMs
> that you currently have at your disposal?
Unfortunately, the only PKCS #11 compliant devices I have at my disposal
at the moment are:
- An NXP JCOP USB token from AET (SafeSign PKCS #11)
- An Alladin eToken USB token
Since I participated in writing the PKCS #11 for the first one mentioned
I can pretty much tell you anything about that one ;-). As for the
second one, I can give it a try, to see which attributes it supports.
I can supply you with some tokens to test with as they are good cheap
alternatives to HSMs.
I've been looking at purchasing a Luna HSM for next year when we start
deploying DNSSEC. If and when this purchase is made, I would be happy to
give you guys access to it during the development phase to test with.
-- Roland M. van Rijswijk
-- SURFnet Middleware Services
-- t: +31-30-2305388
-- e: roland.vanrijswijk at surfnet.nl
More information about the Opendnssec-develop