where 'o where to store certificates and keys
Dan Williams
dcbw at redhat.com
Tue Apr 19 20:19:55 UTC 2005
On Tue, 2005-04-19 at 16:07 -0400, John Dennis wrote:
> 3) Certificates and keys are not a property of the openssl package,
> there should be a package neutral location in the spirit of FHS to
> locate all certificate and key files which can be shared by all
> packages. Someplace in /etc seems ideal.
>
> Proposal: the filesystem rpm creates the following 3 new directories
>
> /etc/keys
> /etc/keys/public
> /etc/keys/private
>
> Individual applications can make use of these directories in whatever
> fashion they desire, as long as the files they install there are
> certificates or keys of any form. They set their own permissions and
> ownerships.
+1 from me. From a desktop perspective, we need _one_ place to store
user certs and keys. For example, in the future when NetworkManager
supports 802.1x and wireless authentication with WPA, we'll need a place
to store the user's certs for authentication against the access point
and RADIUS server. Evolution stores user certs. Many other things do
as well. Its just plain dumb to have this stuff everywhere and not
manageable by an application.
Dan
More information about the Fedora-maintainers
mailing list