[Opendnssec-user] ECC algo signing in ods?
PGNet Dev
pgnet.dev at gmail.com
Mon Dec 19 17:40:04 UTC 2016
On 12/19/2016 09:15 AM, Yuri Schaeffer wrote:
> Well, that version you compiled should have support! It is indeed staged
> for the 2.1 release. It should be in the NEWS file in the repositories
> root directory.
aha!
cat NEWS
...
UNRELEASED:
...
* OPENDNSSEC-450: Implement support for ECDSA P-256, P-384, GOST. Notice:
...
no mention of 'ecc' or 'elliptic' or 'curve', so I grep-missed it :-/
I assume that the ods algo #'s match the IANA's for the ECDSA P-256 & P-384 algos? i.e., "13" & "14"?
> Note that you can not use SoftHSMv1 as it doesn't support anything other
> than RSA. SoftHSMv2 does work. Let me know how it works out, you are the
> first user!
yep, I already have
/usr/local/softhsm/bin/softhsm2-util --version
2.3.0rc1
we'll see how it goes.
More information about the Opendnssec-user
mailing list