Add a worked example to the ARM of using pkcs11-tokens and then dnssec-keyfromlabel with native pkcs11 using the tokens
It's two or three times now that Support have encountered confusion when using BIND with HSMs about what the 'tokens' are that you can see from pkcs11-tokens and how you need to use them.
Please can you add worked examples to the ARM section on using DNSSEC with HSMs, highlighting what the tokens 'mean' and how to use them in the dnssec- utilities.
Thanks!