[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Fedora CA Project



On Tuesday 25 March 2008, seth vidal wrote:
> On Tue, 2008-03-25 at 19:26 -0400, Jeremy Katz wrote:
> > On Tue, 2008-03-25 at 18:04 -0500, Dennis Gilmore wrote:
> > > So this is a brief overview of whats needed.  Im going to open the
> > > floor for a week for open discussion on how we should best do this.
> >
> > I don't have the details[1], but we should ensure if we're fixing our
> > certificate infrastructure that we do it in such a way that the serials
> > on our certs are reasonable and that they can be used for things like
> > signing mail.
We have to have proper serials to be able to revoke certificates  so yes  that 
is part of it.

> Have we just setup an instance of the certificate server code rh just
> released?
>
> Alternatively (and I probably wouldn't recommend this for user certs) we
> could use/hack on certmaster to be able to handle these requests.
>
> it's definitely returning certs w/proper serials, etc.
We have not set anything up yet but  dogtag-pki  is at pki.fedoraproject.org 
is  the code that RH just released. its something  that we should evaluate.

Dennis

Attachment: signature.asc
Description: This is a digitally signed message part.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]