[Opendnssec-develop] Updated requirements for SoftHSM v2

Roland van Rijswijk roland.vanrijswijk at surfnet.nl
Thu Nov 26 12:22:15 UTC 2009


Perhaps we could keep a stripped down version of the current tool in a
'contrib' folder (i.e. non-supported)?

Cheers,

Roland

Jakob Schlyter wrote:
> On 26 nov 2009, at 12.54, Roland van Rijswijk wrote:
> 
>> - Exporting keys in BIND format would lower the security level because
>> the keys would then be exported in the clear; this becomes especially
>> relevant if you use the tool with a real HSM
> 
> I'm all for not exporting keys in BIND format, but the key conversion tool should probably be around somehow. perhaps it is better suited to be included in BIND though.
> 
> 	jakob
> 

-- 
-- Roland M. van Rijswijk
-- SURFnet Middleware Services
-- t: +31-30-2305388
-- e: roland.vanrijswijk at surfnet.nl




More information about the Opendnssec-develop mailing list