[Opendnssec-develop] getting rid of HSM callsfrom the communicator

[Alexd at nominet.org.uk]

> > It would seem the better option to me too to generate the salt at 
> > system installation/first startup.
> 
> Why? 

Would it be easier for an attacker to guess the hashes if he knew the 
salt? If not, then I suppose it doesn't matter.


Alex.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-develop/attachments/20090910/5b84f300/attachment.htm>