[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Public key infrastructure

Hash: SHA1

Peter Rockai wrote:
>> Tomorrow I am going to rewrite the draft at
>> <http://fedoraproject.org/wiki/PackagingDrafts/Certificates> and include
>> your comment and others.
> Hmm, i may have missed the part where move from /etc/pki to /etc/certs
> was discussed, is that change intentional in the draft?

Yes, it is intentional, but I forgot to mention the change.

I think a "public key infrastructure" is some kind service or
organization that includes a certificate authority, a registration
authority, a directory service, a certificate revocation list, a
certificate policy and many other things. Hence, the name /etc/certs
should be better in my opinion.

In addition, the new name makes clear that there have been many changes
in Fedora's certificate handling. Also I think the name "certs" is more
precise and understandable; there are more people who know what "certs"
are that those who know the term "pki".

> I just don't
> see the benefit of changing things around, specially since many of the
> existing packages mostly agree on /etc/pki/tls/appname or somesuch,
> slight shuffle within /etc/pki should be much less pain than moving to
> /etc/certs.

Since nearly all certificate related packages have to be changed, I
think it makes no difference whether the name is changed to /etc/pki or
/etc/certs. Also with a new name it is easier to see what packages have
been changed already to follow the guidelines, and what still need to be

What do others think about this?

- --
B. Sc. Joachim Selke
Universität Hannover, Institut für Theoretische Informatik
Appelstraße 4, 30167 Hannover, Germany
Version: GnuPG v1.4.4 (GNU/Linux)


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]