+--On 17 mars 2014 17:51:33 +0000 Evan Hunt <e...@isc.org> wrote: | This new code uses pkcs11 for all crypto, instead of using openssl as a | shim. So yes, you can build with either native pkcs11 or openssl, but | not both.
Hum, so, it will also use pkcs11 for dnssec validation too ? (Sorry if this seems a silly question.) Also, from your example, it seems the pkcs11 library is a build time thing, could it be a runtime configuration so that we can provide an agnostic package and then you just need to point BIND to the right .so in its configuration ? And does OpenSSL provide a pkcs11 interface ? (To know if I could switch the default BIND package from using openssl to using openssl through pkcs11) Regards, -- Mathieu Arnold _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users