BIND 10 #781: Define cryptographic API
BIND 10 Development
do-not-reply at isc.org
Wed Mar 30 11:10:43 UTC 2011
#781: Define cryptographic API
-------------------------------------+-------------------------------------
Reporter: stephen | Owner:
Type: task | Status: new
Priority: major | Milestone: Year 3
Component: Unclassified | Task Backlog
Sensitive: 0 | Keywords:
Add Hours to Ticket: 0 | Estimated Number of Hours: 0
Total Hours: 0 | Billable?: 1
| Internal?: 0
-------------------------------------+-------------------------------------
We need to define a thin layer above an existing cryptographic library so
that if required, we can change libraries at time time in the future.
As well as the interface into the cryptographic operations, the API should
also take account of the possible use of HSMs, possibly by defining a
PKCS#11-style interface. (It should also allow for the use of multiple
HSMs at the same time; typical use of this would be to roll a key from one
HSM to another when the first has reached the end of its life.)
--
Ticket URL: <https://bind10.isc.org/ticket/781>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list