Hello Func community,
Adrian, Seth, and I were just talking with Karl Wirth (FreeIPA) about
Func and certmaster. Certmaster is a general use way of distributing
certs and has advantages for use beyond Func. Since FreeIPA wants a
similar mechanism, it seems to be a good idea to share.
Basically we think it would be a good idea to open up certmaster and
make certmaster it's own project on Fedora Hosted. As with Func, it
will be available in Fedora/EPEL under the same license as Func
(GPLv2+), and of course it will still be a community project so everyone
here will still be able to work on it.
The idea behind this is lots of projects want ways to distribute certs,
but not all users want to run Func (though we think that would great if
they did of course!).
As a side effect of moving it over, certmaster can get some upgrades
such as auto-renew support and optional (default: off) ability to store
certs in LDAP, etc. We'll also hopefully have a lot more really sharp
security guys working on it :) So, no, you will not need to install
FreeIPA to use Func, or Func to use FreeIPA ... but both will likely
have a dependency on certmaster -- which seems reasonable.
We aim to keep complexity of Func setup the same as it is now (that's
one of Func's main selling points) and want to coordinate with the
certmaster project to ensure Func doesn't get broken. Keeping existing
configs working is important, and if we do this right, setup
instructions will be the same or change only minimally. We also
intend to use the same mailing list for certmaster as this project, so
people don' thave to join other lists.
Before we enact this split, does anyone have any comments about this plan?
Thanks,
--Michael
_______________________________________________
Func-list mailing list
Func-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/func-list
