|
|
Re: Epiphany 1.4 plan: msg#00071gnome.apps.epiphany
Hello On Tue, 2004-03-30 at 06:28, Marco Pesenti Gritti wrote: > Abstract: > http://gnome.org/~marco/plan-abstract.html > > Concrete: > http://gnome.org/~marco/plan-concrete.html > > This was already discussed on IRC, though more feeback would be very > welcome. > I have worked on implementing the "Certificates UI" part for epiphany, but I have not delivered something reasonable yet (I have been involved on some political situations here in my country '-( ) I will share with you my proposal The main idea of this module it to become something like "gconf", a small library with the capability to retrieve certificates from many different places using gconf like plugins, for example read-only files, LDAP, PKCS#12 files, files on the HOME directoty, etc... For the epiphany/mozilla part of the solution, this library needs to implements a PKCS#11 module (http://www.rsasecurity.com/rsalabs/pkcs/pkcs-11/), a complex spec. I have worked a lot with this part of the job, and have been able to implement a test module that shows to mozilla the certificates that I want. (the idea of this solution came from the fact that Mozilla provides its CA certificates on libnssckbi.so that is a readonly PKCS#11 module) The UI part of the Job could be implemented by a capplet with the capability to manage the writable portion of the certificates that have been found, for example the personal certificates installed on the HOME directory. I think that this capplet must not try to manage the certificates found on adminitrator configured repositories like LDAP, or system directories. The personal certificates installed on the HOME directory could be stored on a PKCS#12 (http://www.rsasecurity.com/rsalabs/pkcs/pkcs-12/) file, easily done with NSS APIs and that provides an acceptable security level. To accelerate the implementation of this module, I propose to split the job (if you and your team accepts the mission ;-) ): * Design and implement a GObject based API to retrieve and store the certificates (I think that code from gconf can be borrowed for the configuration file and plugin parts, but i can be wrong) * Design the capplet GUI, and implement it on top of the GObject based API. * Implement the final PKCS#12 module on top of the GObject based API > Marco Pesenti Gritti > /lists.gnome.org/mailman/listinfo/epiphany-list -- Robert Marcano |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Re: Epiphany 1.4 plan: 00071, Marco Pesenti Gritti |
|---|---|
| Next by Date: | Re: Epiphany 1.4 plan: 00071, Robert Marcano |
| Previous by Thread: | Re: Epiphany 1.4 plani: 00071, Marco Pesenti Gritti |
| Next by Thread: | Re: Epiphany 1.4 plan: 00071, Robert Marcano |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |