[Cryptech Tech] Generating keys on alpha using pkcs11-tool

Rob Austein sra at hactrn.net
Tue Nov 22 06:23:53 UTC 2016

At Mon, 21 Nov 2016 14:04:13 +0000, Peter Stuge wrote:
> Rob Austein wrote:
> > > What would your recommended next step for debugging be?
> > 
> > I would not put serious effort into debugging that version, it's far
> > enough behind the current development code that it'd be wasted
> > effort.  The keystore has completely changed,
> Also on device?

Don't think I understand the question.  At a guess, you're asking
whether the new keystore is (entirely) on the HSM itself, in which
case the answer is yes.

> > and I'm currently in the
> > process of getting rid of the SQL database entirely (not there yet).
> Sounds good! How? What's the replacement? Where was the design discussion?

What discussion there was happened on this list a while ago.
Conceptually it's not all that complicated, just pesky details.

> Is it pretty much the filesystem that was discussed a while back?

Pretty much.

More information about the Tech mailing list