<br><br><div class="gmail_quote">2010/12/7 Michal Hlavinka <span dir="ltr"><<a href="mailto:mhlavink@redhat.com">mhlavink@redhat.com</a>></span><br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div><div></div><div class="h5">On Wednesday, December 01, 2010 14:12:01 you wrote:<br>
> 2010/11/30 Michal Hlavinka <<a href="mailto:mhlavink@redhat.com">mhlavink@redhat.com</a>><br>
><br>
> > > > > For the recall, the port from OpenSSL to Mozilla NSS will:<br>
> > > > > - solve a major distribution isssue: since OpenSSL is licensed<br>
> > ><br>
> > > under<br>
> > ><br>
> > > > > BSD, some (most) Linux distributions were not able to ship NUT<br>
> > > > > packages with SSL support enabled. NSS being available under 3<br>
> > > > > licenses, among which the GPL, this will soon be an old story.<br>
> > > > > - NSS is FIPS 140 certified, while OpenSSL is not. For more<br>
> > > > > information on this: <a href="http://en.wikipedia.org/wiki/FIPS_140" target="_blank">http://en.wikipedia.org/wiki/FIPS_140</a><br>
> > > > > - finally, there is a move in Linux distributions, toward<br>
> > > > > standardizing on NSS everything related to certificate management.<br>
> > > > > That means in the end that Linux distro would be able to provide<br>
> > > ><br>
> > > > tools<br>
> > > ><br>
> > > > > (textual and graphical) to manage a central certificates<br>
> > ><br>
> > > repository,<br>
> > ><br>
> > > > > which means easier tasks for the users.<br>
> > > > ><br>
> > > > > Please join me into welcoming Emilien, and supporting the Eaton<br>
> > > > > Opensource team ^_^<br>
> > > > ><br>
> > > > > @Michal: I hope you will enjoy ;-)<br>
> > > ><br>
> > > > great news! :)<br>
> > > ><br>
> > > > indeed.<br>
> > > ><br>
> > > > btw, I've seen a Fedora forwarded report (#656440) by a user on<br>
> > > > Alioth' tracker (#312848).<br>
> > > > you should probably forward these directly to speed up the process.<br>
> > ><br>
> > > yes, but I was ill and he was faster :)<br>
> > ><br>
> > > does that mean that RedHat / Fedora are sensible to virus :-p<br>
> > :<br>
> > :)<br>
> > :<br>
> > > btw, can you update bugzilla #347771 to point the working branch:<br>
> > > <a href="http://svn.debian.org/wsvn/nut/branches/ssl-nss-port/" target="_blank">http://svn.debian.org/wsvn/nut/branches/ssl-nss-port/</a><br>
> ><br>
> > done<br>
> ><br>
> > > I'll ping you back once we have something that can be tested...<br>
> > > One more question: do you (RH / Fedora) already have UIs for<br>
> > > certificates management (both textual and graphical)?<br>
> > > Or do you know anything that can suit the purpose?<br>
> ><br>
> > From what I know, there is nothing definite yet, but Mozilla PSM<br>
> > is a candidate. I wanted to ask my coleague who knows more about<br>
> > this whether information on<br>
> > <a href="http://fedoraproject.org/wiki/FedoraCryptoConsolidation#Common_UI_framewo" target="_blank">http://fedoraproject.org/wiki/FedoraCryptoConsolidation#Common_UI_framewo</a><br>
</div></div>> > rk is up to date, but he is attending some conference so he's<br>
<div class="im">> > offline right now.<br>
><br>
> we're interested in this UI topic, so we would welcome such info from your<br>
> fellow.<br>
<br>
</div>I was finally able to ask him, but with no useful output. They were playing a<br>
little with mozilla's PSM, but no usable output exists.<br></blockquote></div><br>I've sent a mail, last Friday (Dec 3rd) with some interesting NSS pointers (subject of the mail).<br>I've pointed some Suse related work around NSS manager / PSM, as a standalone app.<br>
<br>cheers,<br>Arnaud<br clear="all"><br>