[Cryptech Core] dnssec signer
Randy Bush
randy at psg.com
Tue Jul 14 14:23:51 UTC 2015
>> Except we don't have the last part. The install ends with
>> libpkcs11.so. AIUI, we need the opendnssec signer working over this
>> pkcs11, or we need to quickly implement increment hashing, so we can
>> use the bind9 signer (see ticket #39).
> Using OpenDNSSEC sucks less IMHO since we also get the hsm- toolset.
which is easier for user to set up and run when what is of interest is
not the dns code?
> I will tweek my OpenDNSSEC training material to cover what's needed,
> shouldn't take more than an hour friday morning.
rob's and paul's tradeoff between hacking and testing bind now vs if
they want to cut it that close in time.
randy
More information about the Core
mailing list