BIND

this document provides information about configuring the {{vectera}} hsm with bind by using {{futurex}} pkcs #11 libraries for additional questions related to your hsm, see the relevant user guide about bind bind is a software suite for interacting with the domain name system (dns) its most prominent component, named (short for name daemon), performs both of the primary dns server roles, acting as an authoritative name server for dns zones and as a recursive resolver in the network as of 2015, it is the most widely used domain name server software and is the de facto standard on unix like operating systems also contained in the suite are various administration tools such as nsupdate and dig , and a dns resolver interface library pkcs #11 in bind the pkcs #11 support in bind comes in two flavors the native pkcs #11 that interfaces directly with the hsm provided library via the pkcs #11 api this allows bind to interact directly with the pkcs #11 provider for the public key cryptography (dnssec) the openssl based pkcs #11 interfaces with the pkcs #11 provider indirectly via the pkcs11 engine provided by the opensc project this integration guide describes the second method as it is more universal and doesn't require bind to be recompiled guardian integration the {{guard}} introduces mission critical viability to core cryptographic infrastructure, including centralization of device management elimination of points of failure distribution of transaction loads group specific function blocking user defined grouping systems see the applicable guide in the {{futurex}} portal for configuring hsms with the {{guard}} , including pkcs #11 and cng configuration