[Opendnssec-develop] hsm-toolkit questions

Jakob Schlyter jakob at kirei.se
Wed Mar 11 12:45:22 UTC 2009

On 11 mar 2009, at 13.41, Rickard Bondesson wrote:

> Then we have to define how the public key should be hashed (in what  
> order to hash the key material). Or perhaps there is a procedure  
> defined by the community?

no, we don't and that's a very nice property of this solution.
the one who generates the label decides how to hash - the ones using  
it will just get the key from the keystore (e.g. using the <locator>  
in the signconf XML blob) and query the HSMs.


More information about the Opendnssec-develop mailing list