On 2008-03-25 06:04:16 PM, Dennis Gilmore wrote: > Products to be evaluated: > > http://pki.fedoraproject.org/wiki/PKI_Main_Page > https://www.openca.org/ > http://ejbca.sourceforge.net/ > Something custom We took a quick look at some of these in IRC, and I'd personally prefer something that doesn't use LDAP for storage (since we didn't end up going with LDAP for FAS, and it seems like overkill for just the CA). I haven't looked too deeply yet, but I'm currently leaning towards something custom. Would certmaster possibly be a good project to work on for providing this kind of functionality? > FAS will need modification to work with the new framework. I also want to > allow fedora-packager-setup to grab the cert directly rather than having the > user manually do it. probably with a flag for when to get a new cert. Would you want to request this directly from the CA, or would that not be exposed (and it would all communicate through FAS?) If you want to go through FAS, I have something that should work starting from the next releases of python-fedora and FAS (and it'd just stay the same once we've modified FAS to talk to an external CA). Thanks, Ricky
Attachment:
pgpfEy1FIHVNp.pgp
Description: PGP signature
_______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
