[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFS: NewPKI



On Sat, Apr 17, 2004 at 10:01:55PM +0200, Thomas Dupouy wrote:
>Hi debian mentors.
>I am looking for a sponsor for two packages : 
>	newpki-server : PKI based on the OpenSSL low-level API (server package)
>	newpki-client : PKI based on the OpenSSL low-level API (client package)
>Here is the story : as a journalist for a french magazine, I was asked
>to write an article about PKI's. PKI's are systems designed to manage
>cetificates on a long term (creation, revocation, etc). The first think
>I did was an "apt-cache search pki" and... surprisingly found (almost)
>nothing !
>After some investigations on Google, it appeared that, except openCA et
>idx-pki, a promising software exists : NewPKI.
>Produced by Frederic Giudicelli (french person too), NewPKI is a C++
>client-server software. The server part uses a MySQL database to keep
>all certificates, and the client part is a WxWindows GUI used to manage
>the server. 
>As there are my first packages, I've tried my best to make them well.
>Instead of running as root, the server part runs as unauthorised user
>"newpki", and manual changes to configuration files are kept on
>upgrade.
>It will need some work to validate and maybe correct the scripts and
>comments, but not so much. Frederic Giudicelli is motivated, as I am,
>to see his software entering the Debian pools.
>This software is GPL v2 licensed. I've supposed it should take place
>in section "utils" as OpenSSL is.
>Packages are available at 
>	http://moz.free.fr/newpki/ 
>and the author page is at
>	http://www.newpki.org
>
>Description: PKI based on the OpenSSL low-level API (client package)
>  All the datas are handled through a database, which provides
>  a much more flexible PKI than with OpenSSL, such as seeking
>  a certificate with a search engine.
>  .
>  There is an SQL abstraction layer, the one provided is for a MySQL database.
>  .
>  NewPKI is developed in c++, there are only a few public classes,
>  which allows to handle any kind of application, a standalone, a PHP module,
>  or to easily integrate NewPKI in an existing project.
>  .
>  Here are the key features of the actual version of NewPKI:
>   - Handling of multiple CAs in one server.
>   - Publish a certificate request from CSR.
>   - Publish a certificate request, by specifying the DN fields.
>   - Certify a request, specifying the DN Policy and the certificate extension.
>   - Revoke a certificate.
>   - Generate the CRL.
>   - Search for the waiting requests, or the certificates.
>   - OCSP responder.
>   - LDAP seek and publication.
>
>The newpki-client package is lintian clean. The newpki-server report a
>warning due to the option "start at boot" which optionnaly update-rc.d
>depending on the customer answer.
>So I'm looking for a sponsor, please have a look

The packages look as if they are Debian native packages. Obviously,
there are not. I suggest you to read the policy [0] and developer's
reference [1] documents carefully.

I couldn't find the corresponding ITP reports for both newpki-server and
newpki-client at [2]. See [3] and [4].

Don't forget to include a 'CLoses: #nnnnnn' in the corresponding
debian/changelog files to close the ITP reports.

Please read [5] if you haven't done so.

Why are not the versions 2.0.0-beta3.1 and 2.0.0-beta3 for the client
and the server packages, respectively? See [4].

Before you build the packages, the name of the original tarball 
newpki-client-2.0.0-beta3.1.tar.gz should be changed to
newpki-client_2.0.0-beta3.1.orig.tar.gz (note the '_' and the '.orig').

Similarly, the name of the original tarball
newpki-server-2.0.0-beta3.tar.gz should be changed to
newpki-server_2.0.0-beta3.orig.tar.gz.

Renaming the original tarballs, will indicate to dpkg-buildpackage that
the packages are not native packages, see [7].

Please read [8] and change your debian/copyright files accordingly.

Please read [9] and change the package descriptions accordingly.

[0] http://www.debian.org/doc/debian-policy/
[1] http://www.debian.org/doc/developers-reference/
[2] http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=wnpp
[3] http://www.debian.org/devel/wnpp/
[4] http://www.debian.org/Bugs/server-control
[5] http://people.debian.org/~mpalmer/debian-mentors_FAQ.html
[6] http://www.debian.org/doc/debian-policy/ch-binary.html#s3.2.1
[7] http://www.debian.org/doc/developers-reference/ch-pkgs.en.html#s-sourcelayout
[8] http://lists.debian.org/debian-devel-announce/2003/debian-devel-announce-200312/msg00007.html
[9] http://people.debian.org/~walters/descriptions.html

>Best regards,
>
>-- 
>Thomas Dupouy
>moz@gmx.fr
>
>----------------------------------------------------------------------
>GnuPG public key ID : 35293BA8ECA61F4E
>GnuPG fingerprint   : E71F DAB5 987B CCC9 FF56  38FE 3529 3BA8 ECA6 1F4E
>----------------------------------------------------------------------

Anibal Monsalve Salazar
--
 .''`.  Debian GNU/Linux      | Building 28C
: :' :  Free Operating System | Monash University VIC 3800, Australia
`. `'   http://debian.org/    | http://www-personal.monash.edu/~anibal/
  `-                          |

Attachment: pgpuC1gZXY72X.pgp
Description: PGP signature


Reply to: