[Kolab-devel] https key permission/fingerprints
Martin Konold
martin.konold at erfrakon.de
Thu Jul 15 20:23:27 CEST 2004
Am Donnerstag, 15. Juli 2004 17:31 schrieb Bernhard Reiter:
Hi Bernhard,
> -rw-r----- 1 root kolab-r 2943 Jul 14 12:15
> /kolab/etc/kolab/cert.pem As this is a public key, there is no need to have
> restrictive permission here? It might keep people from checking the
> fingerprint.
Good point! But the model of Kolab is that the Kolab users don't have a Unix
Shell account.
> the fingerprint of the kolab testca certs, having them on a webpage
> is one idea.
I very much favour the idea that we tell administrators how to extract the
fingerprint easily and also publish the fingerprint on the Kolab webgui pages
(*)
Yours,
-- martin
(*) Yes, I know that publishing a fingerprint on a SLS webserver is somewhat
useless if the webserver itself uses the same CA... But in the future I can
imagine a possibility in the admin/maintainer UI to create "user login info"
documentation which can be printed on paper...
Dipl.-Phys. Martin Konold
e r f r a k o n
Erlewein, Frank, Konold & Partner - Beratende Ingenieure und Physiker
Nobelstrasse 15, 70569 Stuttgart, Germany
fon: 0711 67400963, fax: 0711 67400959
email: martin.konold at erfrakon.de
More information about the devel
mailing list