[Opendnssec-user] Plans for ECDSA support in softhsm(2)

Daniel Griggs daniel at nzrs.net.nz
Mon Mar 7 01:10:24 CET 2016


Just checking the roadmap, it's on there.. in terms of which subversion I'm not sure.


Daniel Griggs
daniel at nzrs.net.nz

> On 7/03/2016, at 9:50 AM, Tom Hendrikx <tom at whyscream.net> wrote:
> Hi,
> I'm not a crypto guru , but always interested in new things. As I'm
> currently migrating my DNSSEC signing setup, I was looking into stuff to
> improve. I saw that a few new algorithms were introduced since my last
> setup, namely ECDSAP256SHA256 and ECDSAP384SHA384 (resp. algorithm 13
> and 14 from IANA registry).
> After trying to get that working with softhsm, I was told:
> ods-enforcerd: Key algorithm 13 unsupported by libhsm, exiting...
> So I went and setup softhsm2, which took some time (the ubuntu wily
> package is a bit rough still), but this resulted in the exact same error
> (also for algo 14).
> Are there any plans for ECDSA support? I didn't find any github tickets
> either mentioning this...
> Regards,
> 	Tom
> _______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20160307/d207d7f8/attachment-0001.sig>

More information about the Opendnssec-user mailing list