Simo Sorce
Simo Sorce
Having it not configured by default is definitely a decent first step. On the research only purpose it would be nice to have clarity. This seems to be the only...
Just to be clear, I know that there is a later disclaimer in bold there, but I always read that as a "temporary" disclaimer due to the fact the library...
> @simo5: Do you challenge the notion of making SHS sig gen available via _any_ software library or `liboqs` specifically? The former feels like a task of putting a genie...
@tmccombs I would look at the pkcs11 provider, given engines are now deprecated in OpenSSL 1.1 and that version of OpenSSL will rapidly be EOL as well... would it be...
At least for pkcs11 URIs this is not a huge problem, as customarily certificate objects and key objects can share the same CKA_ID (or sometime the same label). And OpenSSL...
Ideally you can mix and match filenames/URIs for keys and certs sometimes you may have tokens that can store keys but not certs, or other things like that. Cert and...
@tmccombs I assume the problem is passing the pkcs11 URI through the haproxy config, if tat can be resolved the changes needed to make use of the pkcs11-provider should be...
Resolved in #19648
FWIW, just tested this with KERNELRELEASE=5.8.16-200.fc32.x86_64 KVER=5.8.16-200.fc32.x86_64 Works a treat.
@paulidale is this progress public somewhere? I will be a user of this work early on and I would like to make sure the solution will be compatible with my...