On Thu, 21 Aug 2008, Jeffrey Ollie wrote: > 2008/8/21 Toshio Kuratomi <a.badger@xxxxxxxxx>: > > > > The Fedora Certificates issued by FAS are currently set to be autogenerated > > if you have an account in FAS. This has one drawback. We have to keep the > > password for the CA keys that sign the FAS certificates in a file on the > > filesystem so that the automatic signing can use them. > > > > Has anyone else had to confront this problem? Right now I'm thinking of > > coding something that involves human interaction to sign the certs and send > > email notifying people when their cert is ready to download. That's > > certainly doable, but introduces a wait time that isn't in the current > > design. I'd love input on better ways to do this. > > What about using a crypto card like Jesse plans on using for Sigul? > I've never actually used a crypto card... Do they add additional security if they're sitting in a colo always plugged in? If so how do they do that? -Mike _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
