[Opendnssec-develop] hsm-toolkit questions
jakob at kirei.se
Wed Mar 11 12:45:22 UTC 2009
On 11 mar 2009, at 13.41, Rickard Bondesson wrote:
> Then we have to define how the public key should be hashed (in what
> order to hash the key material). Or perhaps there is a procedure
> defined by the community?
no, we don't and that's a very nice property of this solution.
the one who generates the label decides how to hash - the ones using
it will just get the key from the keystore (e.g. using the <locator>
in the signconf XML blob) and query the HSMs.
More information about the Opendnssec-develop