[Opendnssec-develop] hsm-toolkit questions
roy at nominet.org.uk
Wed Mar 11 11:48:18 UTC 2009
While the hsm-toolkit slowly reaches adolescense, I'd like to discuss some
topics on the subject:
1) The object identifier
We need to identify an object. This can either be done by the LABEL or by
ID. Please give guidance on which to use, and what the values for this
identifiers need to be. I remember that 'hash of the key' was mentioned.
Please advice which algorithm to use. I also need to know if hsm-toolkit
needs to avoid identifier collisions or not.
2) additional functionality
The software can list, generate and destroy RSA objects from the token. Is
there interest in additional functionality, or do we want to keep it to
the bare necessities (list/generate/destroy objects)
3) configurable defaults
Currently, all parameters need to be specified on the command line. Some
have static defaults. Do we want configurable defaults through a
configuration file, or no defaults, or the current status quo?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Opendnssec-develop