[Opendnssec-user] Plans for ECDSA support in softhsm(2)
Benno Overeinder
benno at NLnetLabs.nl
Mon Mar 7 12:46:02 UTC 2016
Hi all,
> On 07 Mar 2016, at 12:29, Tom Hendrikx <tom at whyscream.net> wrote:
>
>
> Missed that page, thanks. Last update from 2013-11 would still validate
> my question though ;)
Indeed, an updated roadmap seems appropriate here. :-)
In formulating the roadmap, we are on top of the activities in the technical communities like IETF, RIR meetings, etc. But emails like yours are also important feedback. Thank you for bringing this up.
Best,
— Benno
> On 07-03-16 01:10, Daniel Griggs wrote:
>> Hi,
>>
>> Just checking the roadmap, it's on there.. in terms of which subversion I'm not sure.
>>
>> https://wiki.opendnssec.org/display/OpenDNSSEC/Roadmap
>>
>>
>> --
>> Daniel Griggs
>> daniel at nzrs.net.nz
>>
>>
>>
>>
>>
>>> On 7/03/2016, at 9:50 AM, Tom Hendrikx <tom at whyscream.net> wrote:
>>>
>>> Hi,
>>>
>>> I'm not a crypto guru , but always interested in new things. As I'm
>>> currently migrating my DNSSEC signing setup, I was looking into stuff to
>>> improve. I saw that a few new algorithms were introduced since my last
>>> setup, namely ECDSAP256SHA256 and ECDSAP384SHA384 (resp. algorithm 13
>>> and 14 from IANA registry).
>>>
>>> After trying to get that working with softhsm, I was told:
>>>
>>> ods-enforcerd: Key algorithm 13 unsupported by libhsm, exiting...
>>>
>>> So I went and setup softhsm2, which took some time (the ubuntu wily
>>> package is a bit rough still), but this resulted in the exact same error
>>> (also for algo 14).
>>>
>>> Are there any plans for ECDSA support? I didn't find any github tickets
>>> either mentioning this...
>>>
>>> Regards,
>>> Tom
>>>
>>> _______________________________________________
>>> Opendnssec-user mailing list
>>> Opendnssec-user at lists.opendnssec.org
>>> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
>>
>>
>>
>> _______________________________________________
>> Opendnssec-user mailing list
>> Opendnssec-user at lists.opendnssec.org
>> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
>>
> _______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
--
Benno J. Overeinder
NLnet Labs
http://www.nlnetlabs.nl/
More information about the Opendnssec-user
mailing list