[Opendnssec-develop] Signature verification in SoftHSM
Matthijs Mekking
matthijs at NLnetLabs.nl
Thu Mar 31 07:53:27 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
And after sending this message, I read this
On 03/09/2011 06:42 AM, Sebastian Castro wrote:
> Although after the increase in the number of signers things are
> better, I still see invalid zones because one key is missing or bogus
> signatures (which I reported on a separated email).
He is using softHSM. I'll ask for more info.
Best regards,
Matthijs
On 03/31/2011 09:47 AM, Matthijs Mekking wrote:
> imo you can remove it (but keep the code in a branch).
>
> Best regards,
>
> Matthijs
>
> On 03/31/2011 09:21 AM, Rickard Bellgrim wrote:
>> Hi
>
>> It is almost two years ago since we introduced signature verification in SoftHSM. This is a debug feature that enables SoftHSM to verify all the signatures that is created. To get this feature you have to configure with --enable-sigver. We added this because we one time got a signature that could not be verified, but we never managed to recreate this situation.
>
>> My question is: Can we remove this code from SoftHSM?
>
>> (I do not think anyone is using it. And the signing code would be much cleaner without it.)
>
>> // Rickard
>
>> _______________________________________________
>> Opendnssec-develop mailing list
>> Opendnssec-develop at lists.opendnssec.org
>> https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop
>
_______________________________________________
Opendnssec-develop mailing list
Opendnssec-develop at lists.opendnssec.org
https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJNlDL3AAoJEA8yVCPsQCW5CWcIALo56GHRv81oXgUJ8EEf2PPI
jZ5CIMT0OfsZgO0Lpmc43Kp76DJAzqLzMdjMVLugh4gXzBioYAZ27bf6K0M6b05l
h74wp3nEcgmZvEDm+qakIhKgDGA3W9is1iZ1Gk+ES3Yk9lDQPiQMQyQPQ527uYeF
pA4PTd9mHD5FO4ARidU+i7KcWLmdoOwKBEJvd/4ivZQrDz50n2uzkvmaLucw8N05
fqop6c1Chs4WoETN5o/ybJiuaaD3dLe5z0QnUOBU4OSuAnEs+sHLZU4ljOpx50IC
vZ6Tva7UWrv5qzNV/d7tCtR9l0MRXNdy5Nbk3r0ssss0Rxl9egbNpB5NLGmQupo=
=LyvP
-----END PGP SIGNATURE-----
More information about the Opendnssec-develop
mailing list