[Freeipa-devel] Password Vault Implementation
Rob Crittenden
rcritten at redhat.com
Tue Jul 15 15:17:40 UTC 2014
Endi Sukma Dewata wrote:
> On 7/15/2014 9:27 AM, Simo Sorce wrote:
>> I am curious about this: "Currently there is no NSS backend for Python
>> Cryptography."
>> Yet we use python-nss in some projects already, so what is missing
>> there ?
>>
>> Simo.
>
> Does the IPA client currently require python-nss? There's a concern of
> using python-nss directly on the client as it would create/reinforce the
> NSS dependency.
The python subpackage has the requirement and the client subpackage
requires python, so yes.
> This wouldn't really matter if IPA client is already depending on
> python-nss for other things, but I think it would be better if we can
> use the more abstract interface provided by the Cryptography library.
>
I don't believe we do any direct crypto beyond generating CSRs and doing
SSL/TLS, so it may be overkill for our current purposes, but I believe
this library was created after IPA.
rob
More information about the Freeipa-devel
mailing list