On 03/09/13 08:28, Joe Abley wrote: > Hey, > > I think anybody using softhsm in production should perhaps be introduced > to <http://www.entropykey.co.uk/>. >
It seems Simtec Electronics might be in a frail position at this point https://plus.google.com/101939425596655172174/posts/3t1srjHnWUf We got a bunch of those entropy keys for servers doing SSL and we really like them... it's a very good product. > > Joe > > Aue Te Ariki! He toki ki roto taku mahuna! > > On 2013-09-02, at 15:21, "Carlos M. Martinez" <[email protected] > <mailto:[email protected]>> wrote: > >> Hello, >>> I'm still not convinced these are harmless. But I guess I'm strongly >>> biased to only depending on a FIPS certified RNG. >> I think we need to think about where OpenDNSSEC will be used the most, >> which is our target audience. >> >> FIPS-like requirements are great if you are a TLD, or a large DNS host >> with many zones. If you are a small shop signing only a couple of zones, >> then it's too much. >> >> It would be great if different target audiences could be defined at run >> time, but I don't know if it's doable. >> >> regards >> >> ~Carlos >>> >>> Paul >>> _______________________________________________ >>> Opendnssec-user mailing list >>> [email protected] >>> <mailto:[email protected]> >>> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user >> >> _______________________________________________ >> Opendnssec-user mailing list >> [email protected] >> <mailto:[email protected]> >> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user > > > _______________________________________________ > Opendnssec-user mailing list > [email protected] > https://lists.opendnssec.org/mailman/listinfo/opendnssec-user > -- Sebastian Castro DNS Specialist .nz Registry Services (New Zealand Domain Name Registry Limited) desk: +64 4 495 2337 mobile: +64 21 400535 _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
