Hi Ives, > anyone tried to use the yubico hsm with openxpki yet? > any experience? if not - what might be the necessary steps to get it > integrated?
I am afraid noone has tried it yet. It should work out of the box with the PKCS#11 driver, however. I’ve had a look at the specs some time ago. From the feature set it did not look too attractive to me. It’s lacking some features I would like to see in a HSM used for an Issuing CA, in particular key protection and backup/recovery with a k/n quorum, as well as the possiblity to selectively and explicitly login/logout individual keys when the HSM is running (and being able to set a policy for this). It looks like a decent device for use in the shared web server hosting business, however. cheers Martin ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ OpenXPKI-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-devel
