[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#670367: pu: package coolkey/1.1.0-6



>>>>> "Adam" == Adam D Barratt <adam@adam-barratt.org.uk> writes:

Adam> Even accounting for the patch overhead, the diff is still somewhat
Adam> larger than most we'd usually handle via proposed-updates.  That's not
Adam> necessarily a blocker in and of itself, but we are rapidly approaching
Adam> the cut-off point for the next point release and I don't think I'm
Adam> likely to have time to do a proper review myself before that point.
Adam> Bearing that in mind I'm afraid it's possible that the changes might
Adam> need to be looked at for 6.0.6 rather than the upcoming 6.0.5.

Yes indeed, this is a large change that adds an entirely new capability
(support of cards with PIV (Personal Identity Verification) features).
So this isn't a typical single critical bug fix update.

Time is an issue no matter which update is considered, so let me add
a little more background and triage to help smooth the process.

I've added a squeeze branch in the phg-coolkey subversion repository at
http://anonscm.debian.org/viewvc/pkg-coolkey/coolkey/tags/squeeze/debian/patches/

Patches 01* through 06* are already in squeeze.
Patches 07* though 09* have had some time in testing.
Patch 10* is large, and I suspect few people beyond its author Robert Relyea
really understand all the changes.
Patch 11* and 12* are new to Debian, but are a bit simpler and keep
things from crashing on our users for situtations that have been observed
in practice.

Patches 01*-09* have been in Ubuntu since Natty Narwhal, and follow the
patch series used in RHEL and Fedora distributions. Of cource patch 10*
went through whatever review processes were involved in updateing RHEL:
http://rhn.redhat.com/errata/RHEA-2011-0111.html
All these patches have been around over a year and appear to have a good
record in other distibutions. Of course the fact that user's cards are
expiring and replaced by the new format cards means that the "stable"
Linux distributions are motivated to perform this update.

Robert Relyea has long been involved in the Network Security Services (NSS)
code. Coolkey interoperates well with several NSS using applications. I have
been able to test with both the cards available when squeeze was released and
the newer PIV style cards iceweasel, icedove and evolution in Debian and
with the "DBsign Universal Web Signer" Java applet used by some web sites.

Thanks for consideration,
-Maitland



Reply to: