[Opendnssec-develop] Updated requirements for SoftHSM v2
Roland van Rijswijk
roland.vanrijswijk at surfnet.nl
Thu Nov 26 12:22:15 UTC 2009
Perhaps we could keep a stripped down version of the current tool in a
'contrib' folder (i.e. non-supported)?
Cheers,
Roland
Jakob Schlyter wrote:
> On 26 nov 2009, at 12.54, Roland van Rijswijk wrote:
>
>> - Exporting keys in BIND format would lower the security level because
>> the keys would then be exported in the clear; this becomes especially
>> relevant if you use the tool with a real HSM
>
> I'm all for not exporting keys in BIND format, but the key conversion tool should probably be around somehow. perhaps it is better suited to be included in BIND though.
>
> jakob
>
--
-- Roland M. van Rijswijk
-- SURFnet Middleware Services
-- t: +31-30-2305388
-- e: roland.vanrijswijk at surfnet.nl
More information about the Opendnssec-develop
mailing list