FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 08-01-2011, 02:51 AM
Bruno Wolff III
 
Default package (tinyca2) not longer present in F15, what to do about it?

On Mon, Aug 01, 2011 at 03:51:38 +0200,
Frantisek Hanzlik <franta@hanzlici.cz> wrote:
>
> I was using it for years and it's IMO usefull program for anyone who
> works with certificates. For now I simple build this package for F15
> from its F14 SRPMS, but it would be better when this package was in Fedora
> distro again.
>
> What I can do for it?

One option is covered at:
http://fedoraproject.org/wiki/PackageMaintainers/Join
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-08-2011, 08:42 PM
 
Default package (tinyca2) not longer present in F15, what to do about it?

-----Original Message-----
From: users-bounces@lists.fedoraproject.org [mailto:users-bounces@lists.fedoraproject.org] On Behalf Of Frantisek Hanzlik
Sent: maandag 1 augustus 2011 03:52
To: Fedora users
Subject: package (tinyca2) not longer present in F15, what to do about it?

For years before and up to F14 Fedora was contained package 'tinyca2'
(TinyCA is a graphical tool to manage a small Certification Authority, program was in group Applications/Internet).
This package is missing in F15, Technical Notes not mention nothing about this:
http://docs.fedoraproject.org/en-US/Fedora/15/html/Technical_Notes/index.html

I was using it for years and it's IMO usefull program for anyone who works with certificates. For now I simple build this package for F15 from its F14 SRPMS, but it would be better when this package was in Fedora distro again.

What I can do for it?

Thanks, Franta Hanzlik
-----Original Message-----

Hi Franta,

It's a weeek ago, but it seems you didn't got a reply.
Personally i discorage people to use tinyca.
Yes is/was included in several distro's but afaicr last maintenance was done several years ago.

So i would recommend other solutions:
If it is just some self-signed certificates, you can ise the openssl commandline tools
If you are doing serious things with certificates, i would recommend ejbca

It is distro agnostic with a web interface (java engine)


Hans

__________________________________________________ ____________________
Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten.

This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-09-2011, 12:03 PM
Patrick Lists
 
Default package (tinyca2) not longer present in F15, what to do about it?

On 08/08/2011 10:42 PM, J.Witvliet@mindef.nl wrote:
[smip]
> If it is just some self-signed certificates, you can ise the openssl commandline tools
> If you are doing serious things with certificates, i would recommend ejbca
>
> It is distro agnostic with a web interface (java engine)

Similar to ejbca (thanks for the tip Hans!) there is also Dogtag which
is developed by Red Hat, Fedora & the Community and is available from
the Fedora repo. Version 9.0 was just released for F15. More info here:

http://pki.fedoraproject.org/wiki/PKI_Main_Page

Regards,
Patrick
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-09-2011, 12:10 PM
Stephen Gallagher
 
Default package (tinyca2) not longer present in F15, what to do about it?

On Mon, 2011-08-08 at 22:42 +0200, J.Witvliet@mindef.nl wrote:
> -----Original Message----- From: users-bounces@lists.fedoraproject.org
> [mailto:users-bounces@lists.fedoraproject.org] On Behalf Of Frantisek
> Hanzlik Sent: maandag 1 augustus 2011 03:52 To: Fedora users Subject:
> package (tinyca2) not longer present in F15, what to do about it?
>
> For years before and up to F14 Fedora was contained package 'tinyca2'
> (TinyCA is a graphical tool to manage a small Certification Authority,
> program was in group Applications/Internet). This package is missing in
> F15, Technical Notes not mention nothing about this:
> http://docs.fedoraproject.org/en-US/Fedora/15/html/Technical_Notes/index.html
>
> I was using it for years and it's IMO usefull program for anyone who
> works with certificates. For now I simple build this package for F15
> from its F14 SRPMS, but it would be better when this package was in
> Fedora distro again.
>
> What I can do for it?


The tinyca2 package was dropped from Fedora 15 because it has been
orphaned for quite some time (meaning that there is no one maintaining
it, making sure it gets updates and security fixes). If you want to take
over the maintenance of this package, please follow the steps outlined
at
http://fedoraproject.org/wiki/Orphaned_package_that_need_new_maintainers#Claimin g_Ownership_of_a_Deprecated_Package

I should note, however, that tinyca2 development appears dead upstream.
It last saw a release on July 25, 2006! So chances are good that it's no
longer safe for inclusion in Fedora. You probably want to give a look at
Dogtag: http://pki.fedoraproject.org/wiki/PKI_Main_Page

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-09-2011, 12:42 PM
Tom Horsley
 
Default package (tinyca2) not longer present in F15, what to do about it?

On Tue, 09 Aug 2011 08:10:39 -0400
Stephen Gallagher wrote:

> I should note, however, that tinyca2 development appears dead upstream.
> It last saw a release on July 25, 2006! So chances are good that it's no
> longer safe for inclusion in Fedora.

Or maybe it just does a job, does it well, and needs no frenetic
change for the sake of change?
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-09-2011, 01:53 PM
Chris Adams
 
Default package (tinyca2) not longer present in F15, what to do about it?

Once upon a time, Stephen Gallagher <sgallagh@redhat.com> said:
> I should note, however, that tinyca2 development appears dead upstream.
> It last saw a release on July 25, 2006! So chances are good that it's no
> longer safe for inclusion in Fedora.

Why does "long time since last release" mean "no longer safe"? Programs
don't have to change for the sake of change.
--
Chris Adams <cmadams@hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-09-2011, 02:40 PM
Stephen Gallagher
 
Default package (tinyca2) not longer present in F15, what to do about it?

On Tue, 2011-08-09 at 08:42 -0400, Tom Horsley wrote:
> On Tue, 09 Aug 2011 08:10:39 -0400
> Stephen Gallagher wrote:
>
> > I should note, however, that tinyca2 development appears dead upstream.
> > It last saw a release on July 25, 2006! So chances are good that it's no
> > longer safe for inclusion in Fedora.
>
> Or maybe it just does a job, does it well, and needs no frenetic
> change for the sake of change?

I find it very difficult to believe that at no time in the last five
years that no security vulnerabilities could have been identified in a
Certificate Authority.

I certainly wouldn't place my trust in it.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-09-2011, 02:49 PM
Tom Horsley
 
Default package (tinyca2) not longer present in F15, what to do about it?

On Tue, 09 Aug 2011 10:40:44 -0400
Stephen Gallagher wrote:

> I find it very difficult to believe that at no time in the last five
> years that no security vulnerabilities could have been identified in a
> Certificate Authority.

But what does that have to do with a gui interface tool that probably
uses the dynamically linked openssl libraries to do all the work?
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-09-2011, 03:40 PM
Chris Adams
 
Default package (tinyca2) not longer present in F15, what to do about it?

Once upon a time, Stephen Gallagher <sgallagh@redhat.com> said:
> I find it very difficult to believe that at no time in the last five
> years that no security vulnerabilities could have been identified in a
> Certificate Authority.

Please stop unfounded fearmongering.

All TinyCA does is call out to OpenSSL command line utilities. IIRC it
uses a private tmp directory to avoid any potential issues with tmp
files; that's about the only potential security issue I can think of.
--
Chris Adams <cmadams@hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-09-2011, 03:52 PM
Patrick O'Callaghan
 
Default package (tinyca2) not longer present in F15, what to do about it?

On Tue, 2011-08-09 at 08:53 -0500, Chris Adams wrote:
> Once upon a time, Stephen Gallagher <sgallagh@redhat.com> said:
> > I should note, however, that tinyca2 development appears dead upstream.
> > It last saw a release on July 25, 2006! So chances are good that it's no
> > longer safe for inclusion in Fedora.
>
> Why does "long time since last release" mean "no longer safe"? Programs
> don't have to change for the sake of change.

As I understand it, the issue is not that the package may have a problem
but that it has no maintainer, i.e. if a problem did show up there'd be
no-one to produce a revised package even if a fixed version appeared.

Compare procmail, which also hasn't changed in many years but is still
maintained.

poc

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 06:17 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org