A cryptographic store software is available for secure storage of sensitive information through encryption.
OpenDNSSEC uses the PKCS#11 interface to manage and store its cryptographic keys. This interface offers a means of communicating with cryptographic devices like HSMs and smart cards. These devices are intended to generate cryptographic keys, sign information and keep the private key information secure from external sources. They are generally efficient in performing specific cryptographic tasks as compared to other processes in a computer.
The implementation of PKCS#11 interface can limit the widespread adoption of OpenDNSSEC, as a potential user may be unwilling to invest in new hardware. To alleviate this concern, OpenDNSSEC has created a software implementation of a generic cryptographic device with a PKCS#11 interface, SoftHSM. SoftHSM is tailored to fit the OpenDNSSEC project requirements but can integrate with other cryptographic products due to its PKCS#11 interface.
Version 1.0.0: N/A