[Opendnssec-develop] getting rid of HSM callsfrom the communicator

Alexd at nominet.org.uk Alexd at nominet.org.uk
Thu Sep 10 09:08:33 UTC 2009

> > It would seem the better option to me too to generate the salt at 
> > system installation/first startup.
> Why? 

Would it be easier for an attacker to guess the hashes if he knew the 
salt? If not, then I suppose it doesn't matter.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-develop/attachments/20090910/5b84f300/attachment.htm>

More information about the Opendnssec-develop mailing list