Hey, I think anybody using softhsm in production should perhaps be introduced to <http://www.entropykey.co.uk/>.
Joe Aue Te Ariki! He toki ki roto taku mahuna! On 2013-09-02, at 15:21, "Carlos M. Martinez" <[email protected]> wrote: Hello, I'm still not convinced these are harmless. But I guess I'm strongly biased to only depending on a FIPS certified RNG. I think we need to think about where OpenDNSSEC will be used the most, which is our target audience. FIPS-like requirements are great if you are a TLD, or a large DNS host with many zones. If you are a small shop signing only a couple of zones, then it's too much. It would be great if different target audiences could be defined at run time, but I don't know if it's doable. regards ~Carlos Paul _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
_______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
