Alan Coopersmith wrote: > Have you asked the security community if these would be useful things to > support or not? > > -Alan Coopersmith- alan.coopersmith at sun.com > Sun Microsystems, Inc. - X Window System Engineering > > Jeff Cai wrote: >> Since currently there is no needs for these features which are relating >> to security, I've decided to disable them in gnome-keyring 2.21. These >> include: >> 1. ssh support >> 2. public key certificates support (general certificate and x.509 >> certificate) >> 3. pkcs11 support (It is API interface standard for accessing security >> devices such as smart card, usb disk etc.) >> >> A patch is attached and please review. I'll also ask community to review >> it soon.
Who says there is no need for them ? How did you determine this ? Do you know why that support is in there ? The PKCS#11 support was actually contributed to gnome-keyring by a Sun engineer and it was done to make the Solaris 10 US Export approval easier while also providing more functionality. The Solaris security team is also considering taking on the future ownership/maintenence of gnome-keyring for Solaris (it would likely remain in the JDS consolidation though). I'll work with Jeff/Ghee etc offline on this as it isn't relevant to OpenSolaris. SSH support is something we very much want to have as well. -- Darren J Moffat
