[Kolab-devel] https key permission/fingerprints

Martin Konold martin.konold at erfrakon.de
Thu Jul 15 20:23:27 CEST 2004

Am Donnerstag, 15. Juli 2004 17:31 schrieb Bernhard Reiter:

Hi Bernhard,

> -rw-r-----    1 root     kolab-r      2943 Jul 14 12:15
> /kolab/etc/kolab/cert.pem As this is a public key, there is no need to have
> restrictive permission here? It might keep people from checking the
> fingerprint.

Good point! But the model of Kolab is that the Kolab users don't have a Unix 
Shell account.

> the fingerprint of the kolab testca certs, having them on a webpage
> is one idea.

I very much favour the idea that we tell administrators how to extract the 
fingerprint easily and also publish the fingerprint on the Kolab webgui pages 

-- martin
(*) Yes, I know that publishing a fingerprint on a SLS webserver is somewhat 
useless if the webserver itself uses the same CA... But in the future I can 
imagine a possibility in the admin/maintainer UI to create "user login info" 
documentation which can be printed on paper...

Dipl.-Phys. Martin Konold

e r f r a k o n
Erlewein, Frank, Konold & Partner - Beratende Ingenieure und Physiker
Nobelstrasse 15, 70569 Stuttgart, Germany
fon: 0711 67400963, fax: 0711 67400959
email: martin.konold at erfrakon.de

More information about the devel mailing list