Re: Package shipping their own CA and security


 



On 02/08/2013 12:58 PM, Reindl Harald wrote:


On 08.02.2013 12:54, Florian Weimer wrote:
On 02/08/2013 12:41 PM, Michael Scherer wrote:

For a certificate, that's slightly more subtle. A certificate alone in a
package cannot do much. If there is no private key, then it cannot be
used out of the box, except for client-side validation (afaik). So
all .pam certificates we can find would be used to validate other SSL
certificates.

Embedding a certificate in an RPM is fine because we can handle revocation/key rollover through an RPM
update, especially if it's not a configuration file.  We might eventually get a better mechanism, but until that
happens, it's not so bad.

(This assumes that we own the certificate in question.  Obviously, it won't do to download the certificate from the
Internet, bake it in, and hope that it won't change until it expires.  That's just not going to work.)

it is NOT fine, it is just stupid
the certificate is broken after that

any random guy out there can misuse it and your users
which trust the certificate are

Please mind your language.

Evidently, we are not talking about the same thing. I was referring to server certificates baked in to clients, in case this wasn't clear.

--
Florian Weimer / Red Hat Product Security Team
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
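
The distinction drawn in this thread, between a package that ships only a certificate and one that also ships the matching private key, can be checked mechanically on an unpacked package tree. The following is an added example, not part of the original message or of any Fedora tooling; the function names, verdict strings and sample PEM bodies are constructed for illustration.

```python
import os
import re

# PEM armor: -----BEGIN <LABEL>----- base64 -----END <LABEL>-----
PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----.*?-----END \1-----", re.DOTALL)
CERT_LABELS = {"CERTIFICATE", "X509 CERTIFICATE", "TRUSTED CERTIFICATE"}

def classify_pem(text):
    """Return the set of object kinds found in PEM-armored text."""
    kinds = set()
    for match in PEM_BLOCK.finditer(text):
        label = match.group(1)
        if label.endswith("PRIVATE KEY"):   # RSA/EC/ENCRYPTED/plain PKCS#8
            kinds.add("private-key")
        elif label in CERT_LABELS:
            kinds.add("certificate")
        else:
            kinds.add("other")
    return kinds

def verdict(kinds):
    """Map the kinds found in one file to a packaging-review verdict."""
    if "private-key" in kinds:
        return "REVIEW: private key shipped to every installer of the package"
    if "certificate" in kinds:
        return "ok: certificate only, usable for validating a peer"
    return "no PEM credentials"

def audit_tree(root):
    """Walk an unpacked package tree and return {relative path: verdict}."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "r", errors="replace") as fh:
                kinds = classify_pem(fh.read())
            if kinds:
                report[os.path.relpath(path, root)] = verdict(kinds)
    return report

# Constructed sample input (bodies are placeholders, not real key material).
SAMPLE_CERT = "-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQ=\n-----END CERTIFICATE-----\n"
SAMPLE_BUNDLE = SAMPLE_CERT + (
    "-----BEGIN RSA PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n-----END RSA PRIVATE KEY-----\n")

if __name__ == "__main__":
    print(verdict(classify_pem(SAMPLE_CERT)))
    print(verdict(classify_pem(SAMPLE_BUNDLE)))
```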


