[Opendnssec-user] Looking for a "cheap" HSM
jabley at hopcount.ca
Mon Jun 24 17:12:19 CEST 2013
On 2013-06-24, at 08:47, "Rick van Rein (OpenFortress)" <rick at openfortress.nl> wrote:
>> If an HSM is used "online" through PKCS#11 API,
> Nit: PKCS #11 is not a networked API, but implementations can access remote devices.
"Online" (in my experience, in this context) doesn't necessarily mean "networked". It means that the HSM is available to a host to perform crypto operations without manual intervention required, as opposed to being in a state where manual activation (e.g. using smart cards, PIN codes) is required.
More information about the Opendnssec-user