Hi,
It seems that the OpenXPKI project badly needs a list of recommended
reading for newcomers about the basics of:
1) PKI,
2) applied cryptography,
3) information security, as to be served by PKI.
Preferably with free access.
Maybe Applied Cryptography by Bruce Schneier is overkill, but what
instead?
PKI-related RFCs also look like too hard a read.
Regards, Sergei
On 10.11.2020 17:13, Martin Bartosch via OpenXPKI-users wrote:
Hi,
Just to remind everyone considering OpenXPKI for running their own PKI:
It is perfectly OK to use shortcuts to get things up and running quickly in
order to learn how the software works, BUT
- the sample config script is just that, it produces a sample configuration to
get things up and running quickly
- the sample config script IS NOT INTENDED to provide you with a configuration
which can blindly be used in production, and WE DO NOT RECOMMEND USING IT THIS
WAY
- the fact that the sample config script uses hardcoded passphrases should
emphasize that
- if you are taking precautions to have the script generate random passphrases
and end up putting these random passphrases in your configuration... then you
are most probably not using the sample config script for testing purposes and
you should seriously reconsider what you are doing
Setting up a PKI, your processes and key management right takes preparation,
planning and proper execution.
OpenXPKI is very powerful and flexible software. It is certainly capable of
providing reliable and secure PKI services in professional environments, but it
is incorrect to assume that there is a turnkey solution for that.
Cheers
Martin
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users