[Opendnssec-develop] Refactoring of libhsm

Rickard Bellgrim rickard at opendnssec.org
Fri Aug 12 14:03:41 UTC 2011


>> Lost connections
>> -------------------------
>> Some HSMs will close down a session if it has not been used for some
>> time. The idea was to redesign libhsm to handle this. Most of the
>> actions in libhsm have something to do with a session, so it would be a
>> lot of work to be able to restore the session. I think it would be more
>> suitable for the application to handle this. Like the Enforcer does
>> it, to reload libhsm or make sure to close down the connections if
>> they are not going to be used.
>>
>
> This works with the enforcer as it is now because the passphrase is
> available to it. If we move to a situation where user input is required then
> I think that keepalives would be desirable.

The conclusion from the meeting was to return the error and let the
application handle it, like the Enforcer does. Then also create a
suggestion for a keepalive functionality, either running automatically
in libhsm or as a no-op that the application forks off a thread for.

>> Private vs. Public keys
>> ---------------------------------
>>
>> There are two options here.
>> 1. Detect what algorithm the key object belongs to. Will probably
>> degrade the performance somewhat.
>> 2. Recommend that users disable the option <SkipPublicKey> if they
>> plan to run DSA or GOST.
>>
>> What do you think?
>
> I think option 1 unless the performance hit is really significant... Option
> 2 sounds like requiring users to know in advance how the system might be
> used in the future.

I can see if there is a simple solution.

// Rickard


