Public key infrastructure
Joachim Selke
selke at thi.uni-hannover.de
Fri Jul 21 14:10:59 UTC 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tomas Mraz wrote:
>> (3) Every application using digital certificates (and capable of
>> checking certs against a list of trusted CA certs) creates the
>> directories /etc/pki/$appname/private, /etc/pki/$appname/public and
>> /etc/pki/$appname/cacerts for storing certs. The last one by default is
>> a symlink pointing to /etc/pki/cacerts.
>
> AFAIK directory as symlink in a package creates problems on package
> upgrades so it would be best to leave them simply as empty directories.
What kind of problems do you mean? Looking e.g. in /etc I see many
directory symlinks.
> The rest of your proposal is fine I think.
Great. As mentioned, I think there should be some "official" guidelines
on how to deal with digital certificates. I would like to write a draft
and publish it at some "official" place for further discussion (where?).
How should I proceed?
Joachim
- --
B. Sc. Joachim Selke
Universität Hannover, Institut für Theoretische Informatik
Appelstraße 4, 30167 Hannover, Germany
<http://www.thi.uni-hannover.de/>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFEwOBzq7fYj4TsIUwRAjO3AKCtOUuT9ESD09IvRYlPBcU+FRzNQACglLw3
Enzir6fULJM4fyIkdea/cw8=
=Es7o
-----END PGP SIGNATURE-----
More information about the fedora-devel-list
mailing list