-
I'm trying to package the DNSSEC key signing suite for Nix as part of the Summer of Nix program, sponsored by NGI0.
While writing the Nix expressions, I had to patch the `oks.py` file as it wasn't …
-
Please add missing 3DES wrap/unwrap support to SoftHSM2.
I ran into an issuing using SoftHSM2 to test PKIX-CMP user enroll. During enroll, SoftHSM2 is asked to do a 3DES unwrap which fails due to C…
-
We currently use a (free) cert from GlobalSign for basically everything.
This is a big problem because:
- It has to be manually renewed, yearly.
- All services share a single certificate and private k…
-
Reader name: Alcor Micro AU9560
ATR: 3BFF1300008131FE450031B9640444ECC17394018082900012
```js
{
"cards": [{
"atr": "3BFF1300008131FE450031B9640444ECC17394018082900012",
"name": "Tok…
-
**Issue**
Fulcio configuration is a bit of an inconsistent experience right now for the end user and as a developer. From an operator perspective:
- The OIDC provider details live on a config f…
-
- [ ] Rebuild packages with
```
CFLAGS='-DOPENSSL_NO_ENGINE -DOPENSSL_NO_DSA -DOPENSSL_NO_DES'
```
- [ ] Verify no reverse deps use them.
- [ ] Then rebuild openssl with those things turned of…
xnox updated
7 months ago
-
Problem:
Vault cannot keep confidentiality when the data processing in the memory, especially for those sensitive keys or secrets.
Proposals:
Intel SGX provides an isolated enclave with encrypted…
-
### What does the ELN SIG need to do?
The unplanned `.eln142` mass rebuild had a lot of failures despite (almost) everything having just been built after the F41 mass rebuild. There is some overla…
-
Hello,
Are there any detailed docs about how to configure fabric with AWS CloudHSM?
I've set up a CloudHSM instance and can connect to it with the cloudhsm_mgmt_util tool. I created a CU "fabric…
-
The waltid issuer & wallet should be able to integrate with any HSM that offers a PKCS#11 interface. For instance https://www.opendnssec.org/softhsm/
The implementation should follow a similar pat…