[Opendnssec-develop] storing blobs in the HSM
jelte at NLnetLabs.nl
Fri Feb 27 11:05:47 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Rickard Bondesson wrote:
>> Why would you store it in the HSM?
>> I'd store it on disk!
> Why make more dependencies with HSM:s than necessary? Is the salt value as important to protect as the private keys?
Actually, what I'm wondering now is where you store the metadata of currently
running policies, like what keys are in use, since when, etc. Looks to me like
that would also be the place to store current salt values.
Or was the place to store that also included in the original question?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Opendnssec-develop