FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Development

 
 
LinkBack Thread Tools
 
Old 10-27-2008, 03:25 PM
Miloslav Trmač
 
Default RFC: Fedora signing server design

Hello,
I'm working on a signing server for Fedora that stores keys and
passphrases without making them directly accessible to everybody who
should be able to sign data with Fedora keys, and I'd appreciate a
review of the design.

The current design is at https://fedoraproject.org/wiki/User:Mitr , with
detailed protocol specifications linked at the end of the page.

Thanks,
Mirek

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 10-27-2008, 06:39 PM
"Richard W.M. Jones"
 
Default RFC: Fedora signing server design

On Mon, Oct 27, 2008 at 04:25:58PM +0000, Miloslav Trmač wrote:
> I'm working on a signing server for Fedora that stores keys and
> passphrases without making them directly accessible to everybody who
> should be able to sign data with Fedora keys, and I'd appreciate a
> review of the design.

Did you read this about how CAcert designed their secure signing
system?

http://www.cacert.org/help.php?id=7

Quite interesting and relevant I think.

Rich.

--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
Read my OCaml programming blog: http://camltastic.blogspot.com/
Fedora now supports 68 OCaml packages (the OPEN alternative to F#)
http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 10-27-2008, 09:11 PM
Till Maas
 
Default RFC: Fedora signing server design

On Mon October 27 2008, Miloslav Trmač wrote:

> I'm working on a signing server for Fedora that stores keys and
> passphrases without making them directly accessible to everybody who
> should be able to sign data with Fedora keys, and I'd appreciate a
> review of the design.

Are you cooperation with Jesse Keating? Afaik he works on this, too.

> The current design is at https://fedoraproject.org/wiki/User:Mitr , with
> detailed protocol specifications linked at the end of the page.

This would better fit on:
https://fedorahosted.org/sigul

This is the project page for the key signing server that is planned to be
implemented for Fedora.

Regards,
Till
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 10-27-2008, 09:16 PM
Miloslav Trmač
 
Default RFC: Fedora signing server design

Richard W.M. Jones p*še v Po 27. 10. 2008 v 19:39 +0000:
> Did you read this about how CAcert designed their secure signing
> system?
>
> http://www.cacert.org/help.php?id=7
>
> Quite interesting and relevant I think.
Indeed, thanks for the link.
Mirek

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 10-27-2008, 09:17 PM
Miloslav Trmač
 
Default RFC: Fedora signing server design

Till Maas p*še v Po 27. 10. 2008 v 23:11 +0100:
> On Mon October 27 2008, Miloslav Trmač wrote:
> > I'm working on a signing server for Fedora that stores keys and
> > passphrases without making them directly accessible to everybody who
> > should be able to sign data with Fedora keys, and I'd appreciate a
> > review of the design.
>
> Are you cooperation with Jesse Keating? Afaik he works on this, too.
Yes.
Mirek

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 

Thread Tools




All times are GMT. The time now is 04:22 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org