[Opendnssec-develop] interaction between the Signer and KASP

[John Dickinson]

On 8 Jan 2009, at 08:21, Rickard Bondesson wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
>> As promised here are my thoughts. This document is by no
>> means complete and is only intended to reflect my
>> understanding of what we are doing. Therefore, it will need
>> some discussion :)
>
> Great!
>
> As for the security module location, variable in the database, I  
> assume it also contains the slotID and some kind of object  
> identifier (like the CKA_ID or CKA_LABEL).

Yes it will. We have been thinking about a URL that contains the id or  
label as well as the path to the pkcs11 library. Something like  
pkcs11:///usr/lib/my_pkcs11_lib.so?slot=1&id=123&label=mykey However,  
when I started playing with the code I did start wondering if that  
would be worth the effort. It might be easier to just have different  
fields in the table (saves all the URL parsing code after all). That  
is (I think) something that will come out as part of working on the  
prototype.

>
> We should also discuss our commitment and how much time we can spend  
> on this project. This would make it easier to make a more detailed  
> time schedule and resource planning.

Yes.

> As for me, I am working 100 % with this project (SoftHSM). I can  
> also contribute with project administration, like a more detailed  
> project plan, time plan, and calling for meetings (if this is OK by  
> Roy (knows that he has a lot to do in other projects)).
>
>
>> As for a meeting, I am skiing 17th - 25th but available all
>> the rest of the month.
>
> Perhaps we could have one in next week (not Monday, I have a full  
> day meeting) on Jabber?

I think a conference call would be better if someone can provide the  
technology but jabber is fine as well. We can use a room on my jabber  
server if necessary. Here is a doodle if that helps get this arranged http://www.doodle.com/2fpcx8smn4p8kiaa

John