[Opendnssec-develop] Re: HSM test program -> develop against SoftHSM?

Jakob Schlyter jakob at kirei.se
Wed May 6 18:55:45 UTC 2009

On 6 maj 2009, at 08.47, Rick van Rein wrote:

> I've dealt with this a lot, and have generally found PKCS #11 a very  
> good
> standard, in that it leaves little room for imagination.

still vendors like Sun doesn't implement parts of it (which we found  
out when testing the signer earlier this week). I believe the HSM test  
program should exercise at least the stuff we use in libhsm (currently  
that code lives in the signer and in keygend), so that people can  
verify that the pkcs11 library they've given works with OpenDNSSEC.


More information about the Opendnssec-develop mailing list