[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Public key infrastructure



On Wed, 2006-07-26 at 22:49 +0200, Joachim Selke wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Ralf Ertzinger wrote:
> >> They are generated in %post, see the last paragraph. The files
> >> probably show up in rpm lists because they are marked
> >> ghost/noreplace/missingok config files.
> > 
> > This may be a wild idea, but how about creating a self signed
> > CA (by %post in the package which owns /etc/pki), and have all
> > other programs that need certificates automatically create certificates
> > under that CA?
> 
> That sounds good to me.
> 
> Tomorrow I am going to rewrite the draft at
> <http://fedoraproject.org/wiki/PackagingDrafts/Certificates> and include
> your comment and others.

Also if the certificates are going to be created automatically you have
to make sure it won't overwrite the ones that are already there.

-- 
Jean-Rene Cormier <jrc jrcormier com>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]