[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Looking for seconds to add the Amazon EC2 public certificate in ca-certificates.


On 08/23/2011 01:54 PM, Russ Allbery wrote:
> Miguel Landaeta <miguel@miguel.cc> writes:
>> Michael Shuler <michael@pbandjelly.org> wrote:
> 
>>> This is also my question - is this a CA that will be verifying and
>>> signing other certs? (I'll try to dig on the same info, as well)
> 
>> AFAIK, this certificate is only used to encrypt your AMIs and transfer them
>> securely to Amazon. In this way only you and Amazon know about the content
>> of your AMI, Amazon needs this in order to launch your AMIs in their cloud.
> 
> Hm, then it's not actually a CA, is it?
> 

My understanding is that it used only when using SOAP to communicate
with AWS. If a tool is going to use REST instead, it is not used. Thus
it is not a CA, and it is used only by fewer tools (REST seems more
popular lately).

I think most of the euca2ool calls are not converted to REST. Not sure
how many SOAP calls are leftover.

cheers
graziano

-- 
Graziano Obertelli
Eucalyptus Systems, Inc.
Reply to: