Hi, > If an HSM is used "online" through PKCS#11 API,
Nit: PKCS #11 is not a networked API, but implementations can access remote devices. > how the user "select the key container". In other words: how i select my > certificate and not the one from my neighbourgs ? * CKA_ID and/or CKA_LABEL attributes * multiple slots / tokens, sometimes called "partitions" of your HSM > Is there any place with a price comparison chart or some information about > HSM prices (instead of contacting each provider and ask). Most HSMs use an individual sales trajectory, in light of their high prices. Don't just look at the price; look at security principes such as access control, possibly redundancy options, and, easily forgotten but very important, backup/recovery facilities. -Rick _______________________________________________ Opendnssec-user mailing list Opendnssec-user@lists.opendnssec.org https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
