Hi Elizabeta, Elizabeta wrote: > I'm new to opendnsec. I've tried to use SoftHSM v2 and I was able to sign a > message without logging in. > Is that fine for SoftHSM ? since in the PKCS#11 specification it is written > that some tokens may not require any type of authentication to make the usage > of its cryptographic functions.
To answer your question we'll need a little bit more context. When you say sign, do you mean that you have (created) a program that used SoftHSM v2 as a PKCS #11 library? And if so, how did you create the keys that you were using to sign? If the private key was created with the CKA_PRIVATE attribute set to CK_FALSE, then you can create signatures without logging in on the token. Cheers, Roland -- -- Roland M. van Rijswijk - Deij -- SURFnet bv -- w: http://www.surf.nl/en/about-surf/subsidiaries/surfnet -- e: [email protected]
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
