Re: X.509 and CA certificates for other purposes (i.e. the IGTF)
On Sat, May 25, 2013 at 2:27 PM, Charles Plessy <plessy@debian.org> wrote:
> Le Fri, May 24, 2013 at 12:32:29PM +0200, Dennis van Dok a écrit :
>>
>> I've seen the Debconf '12 discussion on X.509 certificate stores[1]
>> and the Wiki page that came out of that discussion[2].
>>
>> 1.
>> http://www.irill.org/videos/debconf-12/895_X.509_Cert_Store_Discussion.mp4
>> 2. http://wiki.debian.org/X.509
>>
>> As far as I'm aware there aren't many mentions of [2] in the public
>> mailing lists, but I'm very interested to discuss where this is going.
>>
>> My main interest is the use case for certificates from the science
>> grid community. The IGTF[3] has a distribution of accredited CAs that
>> are used world-wide to authenticate both services and users. These are
>> typically not the kind of CAs you'd trust for on-line banking, but
>> services like:
>>
>> - compute clusters
>> - grid storage pools
>> - science clouds
>> - science workflow portals
>> - etc.
>
> Hi Dennis and everybody,
>
> somewhat related to this, I would like to know if there is a package that could
> host Amazon's EC2 public certificate ? In Ubuntu it is added to the euca2ools
> package, because a program of this package can use it, but it is not part of
> the upstream source (which is not Amazon), so I really would prefer to ship
> the certificate somewhere else.
>
> I proposed ca-certificates earlier, but the result was inconclusive.
>
> http://bugs.debian.org/573857
>
> Would there be a volunteer to maintain new package from scratch if needed ?
Maybe crypto consolidation arround libnss will greatly help here.
jessie release goal ?
> Cheers,
>
> --
> Charles Plessy
> Tsurumi, Kanagawa, Japan
>
>
> --
> To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 20130525122708.GA29404@falafel.plessy.net">http://lists.debian.org/[🔎] 20130525122708.GA29404@falafel.plessy.net
>
Reply to: