[Opendnssec-develop] HSMs use UTF-8 characters

Siôn Lloyd sion at nominet.org.uk
Wed May 21 09:45:25 UTC 2014

On 21/05/14 05:31, Jerry Lundström wrote:
> On tis, 2014-05-20 at 22:42 +0200, Jakob Schlyter wrote:
>> Is fixing this worth the effort? If the fix is easy, go ahead. But change always introducing risk as well.
> If the usage of wide character are only the label and pin then it would
> only affect the reading and storing of the repositories from conf.xml,
> the pin daemon and of course the usage against libhsm/PKCS#11.
> I do not think we use this information for anything else or for display
> so the impact code wise might be small.
> For what version are we considering this for? I would think 2.x'ish.

Does this cover the CKA_ID also? So could someone, potentially, import a
key that can then not be used (or worse)?

More information about the Opendnssec-develop mailing list