[Opendnssec-user] SoftHSM requirements: proposed addition

Rickard Bellgrim rickard.bellgrim at iis.se
Thu May 27 09:32:16 UTC 2010

On 27 maj 2010, at 11.12, Bud P. Bruegger wrote:

> One way of achieving this would be via a simple PKCS#11 proxy that
> forwards seralized calls over eithernet to the dedicated host of the
> SoftHSM.  In the context of GnuTLS, Alon Bar-Lev has proposed just
> this[1] but I don't know whether that was implemented (I doubt it). 

Yeah, we have been talking about creating a PKCS#11 proxy. But we separated that work from SoftHSM v2. Our idea is to make a proxy that would work with any PKCS#11 implementation. So that you also can move away e.g. PCI cards to another computer.

But we will first finish version 2, then have a look on the proxy.

// Rickard

More information about the Opendnssec-user mailing list