This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Is development still ongoing ? #712
Comments
|
@rijswijk Sorry to @ you like this but as the last merger of this project, can you share some news maybe ? |
|
Well, given the recent activity by @halderen, I think the response to my question is "Yes". |
|
It seems that I have talked too soon. |
|
@antoinelochet from all the dead links on the SoftHSM web site, I would guess the project is no longer being supported? Did you ever receive a response to your three month old query? |
|
I really wish I had. |
As for CI there is a PR for a CI via Github Actions in #733, this can probably be extended in many ways,
You are right, it seems that 25 merged PRs are not included in a tag/release. |
|
Any news on my query ? |
|
Dear members of the community, First of all, let me apologise for the long radio silence in the SoftHSM v2 project. In this message, we would like to set out the current state of SoftHSM v2 development. Let me start with a bit of history to provide context. SoftHSM v2 was first developed as a successor to SoftHSM, which was originally a component of the OpenDNSSEC project. The rationale for starting SoftHSM v2 was simple: the original SoftHSM had no security features and stored key materials in clear text in a database. SoftHSM was only ever intended as a placeholder PKCS #11 implementation for use with OpenDNSSEC under the assumption that most user of OpenDNSSEC would eventually use a "real" HSM with its own PKCS #11 module and that SoftHSM would only be used for testing and development. When it became clear that many deployments used SoftHSM in production, a decision was made to develop a much more secure successor which we called SoftHSM v2. Development of SoftHSM v2 was initially done by a development team consisting of staff members of IIS (the registry for .se) and SURFnet (the National Research and Education Network in The Netherlands), both also contributors to OpenDNSSEC. Over time, the team members changed job positions a number of times, and eventually all team members ended up in roles that were incompatible with sustained development work on SoftHSM v2. While team members did occasionally spend time on the code base in their spare time, they do not have sufficient spare cycles to perform maintenance let alone develop new features. As maintainers of the OpenDNSSEC project, NLnet Labs also worked on SoftHSM v2, verifying and merging pull requests from the community and fixing some of the bugs reported in the issue tracker. At this time, this is also best effort, and no significant development time is available to spend on the project. Given the above, the current state is that development on SoftHSM v2 is dormant and not likely to pick up significantly in the near future. We are conferring as a team on how to proceed in the future, but this will likely take us until at least the summer of 2024. I wish I could provide a more definitive outlook for the future. On behalf of the SoftHSM v2 developers, Roland van Rijswijk-Deij |
|
Thanks for elaborating, it certainly helps with understanding the current state of this project. Your situation is of course understandable, as priorities and responsibilities shift over time. I just wanted to put out there that SoftHSM v2 is still an remarkably useful piece of software for anyone working within the niche field of HSMs and PKCS#11 and hope you can work out a plan. At any rate, there is still a decent amount of interest from potential contributors 🙂 |
|
Hello @rijswijk, |
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Hello,
The last official release of SoftHSM is 3 years old and with a lot of pull requests are waiting to be reviewed or merged.
The continuous integration seems broken also ?
Is there any willingness or plan to "revive" this very useful library ?
The text was updated successfully, but these errors were encountered: