Re: OpenVPN Questions

From: Tim Niemueller <tim niemueller de>
To: networkmanager-list gnome org
Subject: Re: OpenVPN Questions
Date: Tue, 15 Nov 2005 21:40:03 +0100

David Zeuthen wrote:

> 
> So... if I understand this right, some .crt and .key files are for all
> users while some are per-user, right? So, maybe embed the ones shared
> for all users in gconf? 

There is only one cert needed by all users: The CA file. Still I think
this is something that should be installed per user, for example if a
company has a pool of laptops that can be lend but for different
departments there are different VPNs.

> And make the authentication dialog prompt the user for the missing
> per-user certificates? Or even better... look up in a certificate store
> somewhere, e.g. I'm thinking NSS integration in the future...

I think this is something that should be done on the Desktop-Level, not
per Application. So if a Desktop-wide method to store certificates
emerges with should use that. For the same reason I think that it is not
the best idea for now to store these settings in GConf.

Another problem that we will have in either case: OpenVPN can only read
the certificates from real files. So we either need a patch to OpenVPN
to be able to take the certificates from say STDIN or create temporary
files while connecting.

	Tim

-- 
    Tim Niemueller <tim niemueller de>      www.niemueller.de
=================================================================
 Imagination is more important than knowledge. (Albert Einstein)

References:
- OpenVPN Questions
  - From: Ryan Skadberg
- Re: OpenVPN Questions
  - From: Tim Niemueller
- Re: OpenVPN Questions
  - From: David Zeuthen
- Re: OpenVPN Questions
  - From: Tim Niemueller
- Re: OpenVPN Questions
  - From: David Zeuthen

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]