I've tried to digest KMIP but don't quite get the point. If somebody could explain in a sentence or two why i would want to use it, would be nice.
--
Sent from a device without a proper keyboard...
On 2013-03-22 11:11, Stef Walter wrote:
> On 03/22/2013 10:13 AM, Anders Rundgren wrote:
>> IMO mobile devices need something else than GCR; they need a integrated
>> keystore and enrollment system.
>
> gcr is just a library with some widgets and some bits for prompting,
> parsing certificate files, and so on. Nothing fancy, just a grab bag of
> tools.
>
>> The competition will have that at least:
>>
>> http://webpki.org/papers/PKI/certenroll-features.pdf
>>
>> This is running in a PoC format on Android.
>>
>> To succeed you also need to bring in Mozilla who also work
>> with their own Mobile OS (which is lagging wrt user-keys).
>>
>> I would be interested in working with this but I feel that
>> everybody is really waiting for Google since they are the
>> market leader in this space.
>
> Anders, you keep bringing up certificate enrollment on every mailing
> list. I applaud your enthusiasm, and that's certainly something that
> worthwhile to work on.
>
> But just talking about it non-stop doesn't help it get done. I would be
> keenly interested, and a big fan, if you were to work on integrating
> this into Linux (desktop or otherwise).
>
> I would support work to integrate this into our stack (gnome-keyring,
> seahorse, gcr, ...), if that's how you want to go about it. Or if you'd
> rather do something separate, then that's cool too.
I think the problem with this issue is that scope of the project goes
over so many different pieces that there's no chance for an individual
to master it all. This is probably the reason why Microsoft never
managed creating am enrollment system for consumers. Can the Linux
community do that? In theory they could but in practice it seems
unlikely unless some of larger parties pay for the job.
In case you are really interested we should have a virtual conference
about certificate enrollment and key-stores.
>
> Perhaps you've already done work here, so maybe I just haven't seen work
> to integrate it into any Linux platform that I regularly interact with.
>
> Are you part of the KMIP technical committee?
I think KMIP will get zero support from the big vendors because
it doesn't address consumers' needs.
Cheers,
Anders
>
> Cheers,
>
> Stef
>
_______________________________________________
gnome-keyring-list mailing list
gnome-keyring-list gnome org
https://mail.gnome.org/mailman/listinfo/gnome-keyring-list