[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Public key infrastructure



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Tomas Mraz wrote:
>> (3) Every application using digital certificates (and capable of
>> checking certs against a list of trusted CA certs) creates the
>> directories /etc/pki/$appname/private, /etc/pki/$appname/public and
>> /etc/pki/$appname/cacerts for storing certs. The last one by default is
>> a symlink pointing to /etc/pki/cacerts.
> 
> AFAIK directory as symlink in a package creates problems on package
> upgrades so it would be best to leave them simply as empty directories.

What kind of problems do you mean? Looking e.g. in /etc I see many
directory symlinks.

> The rest of your proposal is fine I think.

Great. As mentioned, I think there should be some "official" guidelines
on how to deal with digital certificates. I would like to write a draft
and publish it at some "official" place for further discussion (where?).
How should I proceed?

Joachim
- --
B. Sc. Joachim Selke
Universität Hannover, Institut für Theoretische Informatik
Appelstraße 4, 30167 Hannover, Germany
<http://www.thi.uni-hannover.de/>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFEwOBzq7fYj4TsIUwRAjO3AKCtOUuT9ESD09IvRYlPBcU+FRzNQACglLw3
Enzir6fULJM4fyIkdea/cw8=
=Es7o
-----END PGP SIGNATURE-----


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]