[Opendnssec-develop] Sun SCA6000 on Ubuntu

Jelte Jansen jelte at NLnetLabs.nl
Tue Jun 30 11:43:30 UTC 2009

Jakob Schlyter wrote:
> On 30 jun 2009, at 07.33, Rickard Bondesson wrote:
>> We should do the hashing in the host and not via an HSM. What do you 
>> think of that? Then we would only need to do signing and key 
>> generation in the hsm.
> are there any HSM that does not support signing only (and thus MUST do 
> the hashing itself)?

i think there are some cheap ones that do that, but i certainly can't name them. 
Note that they will fail with the current code as well, since while both hashing 
and signing are done by the hsm (library) at the moment, they are performed 


More information about the Opendnssec-develop mailing list