Why still no PKCS#11 ECC key support in OpenSSH ?
Thomas Calderon
calderon.thomas at gmail.com
Tue Aug 14 06:20:29 AEST 2018
Hello Damien,
You don't necessarily need hardware to progress on most of the integration,
you could use a software token to start with, softhsmv2 supports ECC and is
a good PKCS#11 implementation.
Cheers,
Thomas
On Mon, 13 Aug 2018, 21:10 Damien Miller, <djm at mindrot.org> wrote:
> On Mon, 13 Aug 2018, Blumenthal, Uri - 0553 - MITLL wrote:
>
> > Lack of time on the Open Source projects is understandable, and not
> uncommon.
> >
> > However, PKCS11 has been in the codebase practically forever - the ECC
> > patches that I saw did not alter the API or such. It is especially
> > non-invasive when digital signature is concerned.
> >
> > Considering how long those patches have been sitting in the queue, and
> > the continued interest among the users - perhaps you can prioritize
> > the integration?
>
> If someone can recommend hardware and some instructions on how to
> set it up that will only improve the changes of this happening sooner.
>
> -d
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
More information about the openssh-unix-dev
mailing list