Multiple identity providers in NetIdMgr
Jeffrey Altman
jaltman at secure-endpoints.com
Mon Mar 3 09:39:05 EST 2008
Daniel Kouril wrote:
> On Mon, Mar 03, 2008 at 09:07:37AM -0500, Jeffrey Altman wrote:
>> We are getting closer but there is no development version available at this
>> time.
>>
>> Funding for the project ran out a long ago but Secure Endpoints is
>> continuing to develop it as time permits. If all goes well we hope to have
>> a development build available independent of KFW in about a month.
>>
>> Which identity providers are you interested in developing?
>
> I'd like to eventualy polish the grid plugin managing X.509 proxy
> certificates and remove the (artifical) link between a krb5 principal
> and X.509 identity. We're also aiming at producing a GUI to manage
> short-lived certificates issued by an on-line CA, which contain some
> additional SAML-encoded data about the certificate bearer. It would nice
> if we could use NIM for this task as well.
>
> cheers,
>
> Daniel
I'm curious. What role would NIMv2 play in acquiring the X.509 proxy
certificates? Would you be using an X.509 client certificate to obtain
the proxy certificates? Much as the Kerberized Certificate Authority
uses Kerberos tickets to obtain X.509 certificates today?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/kfwdev/attachments/20080303/04ddfd23/attachment.bin
More information about the kfwdev
mailing list