[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Freeipa-interest] Interest in certificate management functions in IPA



On 11/12/07, Karl Wirth wrote:
> Do you have interest in this functionality?

We have some interest; robust PKI infrastructure
would be amazing, especially if it had a clean API.
However, a word of caution that if you start talking
about anything beyond machine-level certificates
(such as SSL/TLS tied to a DNS name) the world gets
very complicated and as far as I can tell there's no
interopability. Even the SOAP WS-Security
"standard" seems abandoned.

> If so, for certs for what applications and use cases?

The low-hanging fruit would be system daemons
(httpd, dovecot, sendmail, etc./alternatives).

I'm also assuming you know about the Fedora Crypto
Consolidation Project:
http://fedoraproject.org/wiki/FedoraCryptoConsolidation


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]