[Freeipa-devel] SSL
Rob Crittenden
rcritten at redhat.com
Wed Jul 11 14:20:30 UTC 2007
Simo Sorce wrote:
> On Tue, 2007-07-10 at 17:11 -0400, Rob Crittenden wrote:
>> So I was thinking about the XML-RPC portion of this.
>>
>> One thing we'll be doing is setting and resetting user passwords. So we
>> should use SSL to protect them, if for no other reaosn.
>>
>> So:
>>
>> 1. I assume we'll have to use OpenSSL. If there are Python NSS bindings
>> I couldn't find them. OLPC may do this work for us
>> (http://dev.laptop.org/ticket/855)
>>
>> 2. How will we manage trust between the gui and command-line clients and
>> XML-RPC server?
>
> IF we are going to use kerberos, can't we just use GSSAPI to encrypt
> traffic?
>
> Simo.
>
There is a python-krbV package available in Fedora which is described as
"a relatively thin wrapper around the underlying C API."
Can someone more knowledgable take a look and see if this will fit our
needs? It is greek to me.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20070711/99bc6706/attachment.bin>
More information about the Freeipa-devel
mailing list