[Opendnssec-develop] common configuration file
Jakob Schlyter
jakob at kirei.se
Mon Mar 30 14:29:26 UTC 2009
it seems that everyone likes YAML (but John hasn't replied yet, so
we'll wait a bit more). but, since we all have to link with an XML
parser, why not use XML - or we just need YetAnotherParser in the code
(like YAML)? this would be my reason to choose ASN.2^H^H^H^H^HXML.
however, the following paramters are needed (exact syntax TBD):
enforcer:
interval: 3600 seconds
keygen-interval: 3 months
backup-delay: 3 days
pkcs11:
repository: {
sca6k: /usr/lib/pkcs11.so
opensc: /usr/lib/opensc-pkcs11.so
}
question: is there a need to specify a slot# for each key repository?
I think not as both the enforcer and the signer needs to enumerate all
possible slots anyway and you can probably force a slot# at key
generation time.
jakob
More information about the Opendnssec-develop
mailing list