[Opendnssec-develop] hsm-toolkit questions

Wed Mar 11 12:25:51 UTC 2009

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> 1) The object identifier 

I remember that Jakob had the task of defining how we should internally reference the keys, which this will be a part of.

My view is that ID should be used as an identifier for a key. LABEL is used as a description of the object.

John talked about using C_DigestKey, but that is not applicable to asymmetric keys. So you would have to extract some key material on your own and digest that.

> 2) additional functionality 

Can't think of anything right now.

> 3) configurable defaults 

The defaults look good.

// Rickard
-----BEGIN PGP SIGNATURE-----
Version: 9.8.3 (Build 4028)
Charset: utf-8

wsBVAwUBSbetz+CjgaNTdVjaAQiReAf9FkIAssty85KiaBlZqmmad6bFUtj0kxtV
9OgGjv0/07mSzGBC/aTpTwUGlsRXWxrEfSxRhjY4EQ9PLpfRFg0IYhmZIJ5Y3NAZ
zDj0vvONd55FEmMQCXJJ+kCmaYuWY8TlZ+Ly9s2fmQ3KDX8gruXGxTem+HQngDJv
J27P3QKlq9Pd71rxCYmZTGks4UcAyhnK0pPvwrdBwHlBP3Ek6YBuRlexgAVcIpm9
yINTQM4knjl/eS4pkXsZnVkNJC7GUgTouBupsGYQf5iWwxsQgSz1VscwZdVd4GSj
x2EVI0ZwJY3FRSWSHyzXt8RlbGKoci92IZDpyBWh/SQHJIlr+UK64w==
=maeT
-----END PGP SIGNATURE-----