Hi Petr, I’m separating the SoftHSMv2 into a new thread.
On 06 Mar 2014, at 14:06 , Petr Spacek <[email protected]> wrote: > Imagine that the data store is in fact a remote database. You want to be able > to use the keys stored in the token even if the connection to the backend > database is down. That should be handled by the backend code then, if it needs to cache locally etc. I think SoftHSMv2 has its backend abstracted so this should be possible but I am no expect in SoftHSMv2, that is mostly handled by Rickard and Francis. Maybe they can shed some light on this? > Anyway, we are going to investigate if SoftHSMv2 can work on top of our > existing database code or not. I'm not saying 'no', I'm just saying that it > is not that easy as it may seem. I understand that, your basically trying to make a network distributed HSM and we have seen big companies take their time to make it really work. Regards, Jerry -- Jerry Lundström - OpenDNSSEC Developer http://www.opendnssec.org/
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
