[Opendnssec-develop] common configuration file

Jakob Schlyter jakob at kirei.se
Mon Mar 30 14:29:26 UTC 2009

it seems that everyone likes YAML (but John hasn't replied yet, so  
we'll wait a bit more). but, since we all have to link with an XML  
parser, why not use XML - or we just need YetAnotherParser in the code  
(like YAML)? this would be my reason to choose ASN.2^H^H^H^H^HXML.

however, the following paramters are needed (exact syntax TBD):

	interval: 3600 seconds
	keygen-interval: 3 months
	backup-delay: 3 days
	repository: {
		sca6k:  /usr/lib/pkcs11.so
		opensc: /usr/lib/opensc-pkcs11.so

question: is there a need to specify a slot# for each key repository?  
I think not as both the enforcer and the signer needs to enumerate all  
possible slots anyway and you can probably force a slot# at key  
generation time.


More information about the Opendnssec-develop mailing list