[Opendnssec-user] Evaluation of SoftHSM

opendnssec at arminpech.de opendnssec at arminpech.de
Thu Jun 23 19:22:07 UTC 2016

Hi there,

I'm looking for appropriate components to setup a DNSSEC signer for
several second level domains.
The SoftHSM is quite interesting in terms of transparency, flexibility
and replication or backup.
A DNS operator is surely in charge to define the security level based on
the requirements of the DNS zone to be signed.
So would you refrain from using SoftHSM in production as storage backend
for the key data?
Is the SoftHSM v2 release marked as stable or are there any plans to do
so? - The OpenDNSSEC wiki says it's the development release at the moment.

Thanks for your effort in making DNSSEC deployments understandable and
more simple by OpenDNSSEC :)


More information about the Opendnssec-user mailing list