[Freeipa-devel] [PATCH] add signing cert profile to installer
Rob Crittenden
rcritten at redhat.com
Mon Apr 20 18:02:41 UTC 2009
Simo Sorce wrote:
> On Fri, 2009-04-17 at 17:18 -0400, Rob Crittenden wrote:
>> Rob Crittenden wrote:
>>> This patch adds a signing cert profile to dogtag that we use to
>> generate
>>> an object signing cert that will work with signtool. We use this to
>>> create the signed jar file in order to do autoconfiguration in
>> Firefox.
>>> This patch also does some file permission cleanup and fixes a few
>>> leaking fds.
>>>
>> I goofed on the commit. It only contained the new file. Here is a
>> revised patch.
>
>
> I see we allow using MD5withRSA and MD2withRSA signatures, should we
> restrict by default to SHA only ?
>
> otherwise ack
>
> Simo.
>
Hmm, good point. Andrew, any reason not to remove these?
rob
More information about the Freeipa-devel
mailing list