[Opendnssec-develop] Minutes of teleconference, 2009-04-27

John Dickinson jad at jadickinson.co.uk
Wed Apr 29 13:09:31 UTC 2009


On 27 Apr 2009, at 18:18, Stephen.Morris at nominet.org.uk wrote:

> Notes from today's meeting can be found on the Wiki:
>
>     http://www.opendnssec.se/wiki/Meetings/Minutes/2009-04-27


Sorry for being unable to make the meeting - here is what I would have  
said....

"libhsm

KASP - not sure - need feedback from John Dickinson here. However, we  
shouldn't need it for the alpha release providing that we can fill up  
the pool of keys using a shell script."

At the moment the key generator just calls a dummy uuid creator and  
adds an entry to the KASP DB. I could make create actual keys by using  
Roy's existing libhsm code by altering PK_GenerateObject(long keysize)  
to return the uuid if the real libhsm is going to be a while.

"Key Generation: uncertain as to the state of this (John Dickinson is  
writing it)."

It compiles, installs finds the default xml files and creates keys in  
the DB, then goes to sleep for keygeninterval. All the complexity of  
calculating how many keys are needed is actually done by libksm.

I have a script that checks out, builds and installs all the enforcer  
components and then runs them. It is customized to my environment,  
however, I will check this in as it may be useful to others. How about  
using the location /trunk/testing/enforcer/

This is my todo list
4. set up some end to end tests for key generation
5. code review and fix up the function to read conf.xml in the key  
generator then make a version of it for the communicator.
6. contribute to discussions on libhsm
7. check that docs and code are in sync.
8. Sort out signal handling in the communicator and key-generator.  
There is a signal handling function but it sets no  flags yet.
9. look at what common code is in the key generator and communicator  
and try to make it common.
10. compile on OS X, Linux, FreeBSD, Solaris and fix issues with build
11. run it all through valgrind
12. once likhsm exists replace the stub in the key-generator with the  
libhsm calls.

For 4 I suggest that we write a set of xml files for each test and a  
document that based on the kasp draft describes what should happen as  
a result of each test.

John

---
John Dickinson
http://www.jadickinson.co.uk

I am riding from Lands end to John O'Groats to raise money for  
Parkinson's Disease Research. Please sponsor me here http://justgiving.com/pedalforparkinsons2009






More information about the Opendnssec-develop mailing list