CAcert Code Development list.

[Jan Dittberner <jandd AT cacert.org>]

On Fri, Nov 06, 2009 at 06:11:30PM +0100, Ian G wrote:
> Guys,
> 
> because someone asked over on mozilla groups for help/info with
> client certs, I updated our main page on this here:
> 
>     https://wiki.cacert.org/ClientCerts
> 
> Specifically I added a list of services that we run that are already
> there.  I don't think I have them all, so here's the request:
> 
>   *can you check and add more systems which are client-cert enabled?*
> 
> I want this list as a sort of help for people when they get their
> client certs up, but I also want the list as a sort of advertisement
> for our work, and a "Roll of Honour"...
> 
> It is great to see some progress in rolling out some actual secure
> servers.  How's the wiki, how's svn ;-)

AFAICT SVN authentication is a bit problematic with current CAcert issued
client certificates because they contain no unique part that could be used in
subversion access files.

For a subversion repository at work we use a unique "username" attribute in 
the
certificate's subject for matching client certificates to subversion users.

If someone has a good idea how to solve this issue or which part of the client
certificate I could use please tell me. I will setup the certificate
authentication then.


Regards
Jan

-- 
Jan Dittberner - CAcert Infrastructure Team
GPG-key: 4096R/558FB8DD 2009-05-10
         B2FF 1D95 CE8F 7A22 DF4C  F09B A73E 0055 558F B8DD
http://www.dittberner.info/

Attachment: signature.asc
Description: Digital signature