On Tue, 2005-04-19 at 16:07 -0400, John Dennis wrote: > 3) Certificates and keys are not a property of the openssl package, > there should be a package neutral location in the spirit of FHS to > locate all certificate and key files which can be shared by all > packages. Someplace in /etc seems ideal. > > Proposal: the filesystem rpm creates the following 3 new directories > > /etc/keys > /etc/keys/public > /etc/keys/private > > Individual applications can make use of these directories in whatever > fashion they desire, as long as the files they install there are > certificates or keys of any form. They set their own permissions and > ownerships. +1 from me. From a desktop perspective, we need _one_ place to store user certs and keys. For example, in the future when NetworkManager supports 802.1x and wireless authentication with WPA, we'll need a place to store the user's certs for authentication against the access point and RADIUS server. Evolution stores user certs. Many other things do as well. Its just plain dumb to have this stuff everywhere and not manageable by an application. Dan
