[Cryptech Core] dnssec signer

Randy Bush randy at psg.com
Tue Jul 14 14:23:51 UTC 2015

Previous message (by thread): [Cryptech Core] dnssec signer
Next message (by thread): [Cryptech Core] dnssec signer
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>> Except we don't have the last part. The install ends with
>> libpkcs11.so.  AIUI, we need the opendnssec signer working over this
>> pkcs11, or we need to quickly implement increment hashing, so we can
>> use the bind9 signer (see ticket #39).
> Using OpenDNSSEC sucks less IMHO since we also get the hsm- toolset.

which is easier for user to set up and run when what is of interest is
not the dns code?

> I will tweek my OpenDNSSEC training material to cover what's needed,
> shouldn't take more than an hour friday morning.

rob's and paul's tradeoff between hacking and testing bind now vs if
they want to cut it that close in time.

randy

Previous message (by thread): [Cryptech Core] dnssec signer
Next message (by thread): [Cryptech Core] dnssec signer
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Core mailing list