Greg Hudson wrote: > Is it sufficient for just the master key to be behind a PKCS #11 device, so > that the existing database format can be preserved at the cost of letting > long-term keys pass through KDC application memory?
IMO yes. Ciao, Michael.
Description: S/MIME Cryptographic Signature
________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos