[Freeipa-devel] DNSSEC key rotation: long-term approach
Petr Spacek
pspacek at redhat.com
Tue Mar 4 17:56:43 UTC 2014
Hello list,
On 13.2.2014 18:36, Petr Spacek wrote:
> Automatic key rotation:
> https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC/Keys/Longterm
I have started discussion with OpenDNSSEC people about LDAP database backend
and distributed-key generation:
http://lists.opendnssec.org/pipermail/opendnssec-user/2014-March/002779.html
Feel free to join the discussion.
BTW they also develop SoftHSM module (i.e. software implementation of PKCS#11
module) so there are some possibilities for extending SoftHSM for our purposes.
--
Petr^2 Spacek
More information about the Freeipa-devel
mailing list