PSARC 2010/084 Perl Crypt bindings for OpenSSL

Somehow this case got created but the one-pager was never sent out. Attached is the proposal. My apologies to the project team for the snafu. -Wyllys -- next part -- An embedded and charset-unspecified text was scrubbed... Name: perl-crypt-onepager.txt URL:

[shell-discuss] open source sed [PSARC/2010/086 FastTrack timeout 03/17/2010]

On 03/11/10 08:47, Joerg Schilling wrote: > Casper.Dik at Sun.COM wrote: > >>> Well, I asked many times for a documentation of the ON Buildsystem. >>> >>> I mentioned already, that the buildsystem looks like the only real problem. >> >> There is not a whole lot of documentation; clearly people have

EC and SHA2 for KMF [PSARC/2010/032 FastTrack timeout 02/04/2010]

Manpage updates are in the case materials directory. On 01/27/10 10:19, Wyllys Ingersoll wrote: > > Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI > This information is Copyright 2010 Sun Microsystems > 1. Introduction > 1.1. Project/Component Working Name: >

PSARC 2009/576 pam_krb5 pkinit - docs updated

I updated the man page and the diff-marked man page for the pam_krb5 pkinit project. I *think* we are done, and hope to mark it approved tomorrow. -Wyllys

PSARC 2009/576 pam_krb5 pkinit - final spec

The final spec and man page for the pam_krb5 pkinit project have been put into the case directory. If there are no further objections, this case should get approved at the meeting this week. -Wyllys

[kerberos-discuss] PSARC/2009/576 final spec

Gary Winiger wrote: >>> One question; should pam_krb5 doing PKINIT ever try using the password >>> acquired via pam_authtok_get as the PIN if pam_krb5 is stacked below >>> pam_authtok_get like so: >>> >>>login auth required pam_unix_cred.so.1 >>>login auth sufficient

PSARC 2009/576 pam_krb5 PKINIT support - APPROVED

Darren J Moffat wrote: > Wyllys Ingersoll wrote: >> Gary Winiger wrote: >> >>> My personal recommendation: Develop a pam_pkinit (or similarly >>> named) module >>> with a separate man page. Have that man page describe the interactions >>> betw

PSARC 2009/576 pam_krb5 PKINIT support - APPROVED

Gary Winiger wrote: > > My personal recommendation: Develop a pam_pkinit (or similarly named) module > with a separate man page. Have that man page describe the interactions > between pam_pkinit and pam_krb5. > > Thanks for the extra time, > Gary.. Will F is on vacation for a bit longer. I

PSARC 2009/576 pam_krb5 PKINIT support - APPROVED

The submitter has updated the spec and I believe all of the issues have been addressed. The timer expired yesterday, this case is now approved. -Wyllys

[kerberos-discuss] pam_krb5 PKINIT support [PSARC/2009/576 FastTrack timeout 10/29/2009]

> >> I will make another pitch at this, put pam_authtok_get first, and if >> the password entered is "PKI", "PKINIT", "smart card" or some other >> key phrase (blank?), then pam_krb5 will try PKINIT. You only need one >> pam_krb5 on the stack too, and if the pam_authtok_get changes, you >>

pinentry utility [PSARC/2009/588 FastTrack timeout 11/04/2009]

Garrett D'Amore wrote: > Wyllys Ingersoll wrote: >> Alan Coopersmith wrote: >>> Wyllys Ingersoll wrote: >>>> pinentry is a small GUI (or curses based) application >>>> used to enter PINS or passphrases. It is usually invoked >>>> by gpg

pinentry utility [PSARC/2009/588 FastTrack timeout 11/04/2009]

Alan Coopersmith wrote: > Wyllys Ingersoll wrote: >> pinentry is a small GUI (or curses based) application >> used to enter PINS or passphrases. It is usually invoked >> by gpg-agent (part of the GnuPG package). This project >> will deliver 3 flavors - pinentry-

Question about 10/14 meeting

Wyllys Ingersoll wrote: > > I was unable to attend the meeting last week and the minutes have not > yet been posted. > Was 2009/531 (sshd match block option) approved? > > > thanks, > Wyllys > Never mind. I see now that there was no meeting. -Wyllys

Question about 10/14 meeting

I was unable to attend the meeting last week and the minutes have not yet been posted. Was 2009/531 (sshd match block option) approved? thanks, Wyllys

PSARC 2009/531

I am sponsoring the attached fastrack case for Huie-Ying Lee. The timer is set to expire in 1 week (10-13-2009). The target is Nevada only, the submitter is requesting minor patch binding. -Wyllys Ingersoll -- next part -- An embedded and charset-unspecified text was

PSARC 2009/397 GnuPG and Friends - updated deliverables

Rainer Orth wrote: > Wyllys Ingersoll writes: > >> CHANGES: >> - There will be just 1 package - SUNWgnupg. It doesn't make >> much sense to make several different packages, 1 for each >> library, since they are all needed by GnuPG they shoul

PSARC 2009/397 GnuPG and Friends - updated deliverables

Alan Coopersmith wrote: > Wyllys Ingersoll wrote: >> /usr/libexec/scdaemon Uncommitted Command >> /usr/libexec/gpg-protect-tool Uncommitted Command >> /usr/libexec/gpg-preset-passphrase Uncommitted Command >> /usr

PSARC 2009/397 GnuPG and Friends - updated deliverables

s not changed, I'm just clarifying the deliverable list based on progress made with integrating it into a workspace. -Wyllys Ingersoll CHANGES: - There will be just 1 package - SUNWgnupg. It doesn't make much sense to make several different packages, 1 for each library, since they

Kerberos V5 PAC API [PSARC/2009/418 FastTrack timeout 08/04/2009]

Garrett D'Amore wrote: >> INTERFACE STABILITY AND RELEASE BINDINGS >> >> >> Interface StabilityRelease Binding >> >> New API in libkrb5(3LIB) External micro/patch >> New API in libgss(3LIB)External micro/patch >> > > E

GnuPG and friends [PSARC/2009/397 FastTrack timeout 07/23/2009]

I think this whole Pth thread (no pun intended) is pretty much beaten to death. GnuPG will deliver Pth as it stands, we are not modifying it to be a Solaris thread wrapper and we are not modifying GnuPG to use Solaris threads. If someone wants to file an RFE and take on that work themselves lat

GnuPG and friends [PSARC/2009/397 FastTrack timeout 07/23/2009]

Scott Rotondo wrote: > Nicolas Williams wrote: >> On Thu, Jul 23, 2009 at 09:07:53PM -0700, Garrett D'Amore wrote: >>> I agree with all of your points. >>> >>> However, we've already established a precedent in many other cases >>> that FOSS cases can integrate without necessarily taking the same >>

FOSS Library Availability was Re: GnuPG and friends ...

James Carlson wrote: > Wyllys Ingersoll wrote: >> It is unreasonable to burden >> the teams that want to bring FOSS code to Solaris to also put in additional >> effort to fully "Solaris-ize" the code in question. > > If the ARC adopts that position, I

GnuPG and friends [PSARC/2009/397 FastTrack timeout 07/23/2009]

Garrett D'Amore wrote: > Nicolas Williams wrote: >> On Thu, Jul 23, 2009 at 09:07:53PM -0700, Garrett D'Amore wrote: >> >>> I agree with all of your points. >>> >>> However, we've already established a precedent in many other cases >>> that FOSS cases can integrate without necessarily taking the

FOSS Library Availability was Re: GnuPG and friends ...

Shawn Walker wrote: > Nicolas Williams wrote: >> On Thu, Jul 23, 2009 at 09:07:53PM -0700, Garrett D'Amore wrote: >>> I agree with all of your points. >>> >>> However, we've already established a precedent in many other cases >>> that FOSS cases can integrate without necessarily taking the same >>>

GnuPG and friends [PSARC/2009/397 FastTrack timeout 07/23/2009]

Darren Kenny wrote: ... > > The main concern is that the code changes you make, must be published (which > most code is right now) - a patch should be fine - and all the better if you > could push that patch upstream to the GnuPG maintainers. > > What makes you think that modifying GPLv3 code is

GnuPG and friends [PSARC/2009/397 FastTrack timeout 07/23/2009]

Don Cragun wrote: > The one-pager for this project says (in section 3.6) that it doesn't > duplicate core Solaris components. But the description of the Pth > library provided by this case sure sounds like it is trying to duplicate > the behavior of the Solaris pthread library and major chunks of

resync ssh-agent command with OpenSSH [PSARC/2009/408 FastTrack timeout 07/29/2009]

Im sponsoring the following fast-track for Huie-Ying Lee. She is requesting a minor release binding, there are no plans for backporting to S10. The man page updates will be in the case directory. Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI This information is Copyright 2009 Sun Microsy

PSARC/2009/374 libxmlsec

Will Young wrote: > On Wed, 2009-07-08 at 15:36 -0500, Nicolas Williams wrote: >> On Wed, Jul 08, 2009 at 04:21:47PM -0400, Will Young wrote: >>> On Wed, 2009-07-08 at 14:25 -0500, Nicolas Williams wrote: > ... >>> A kmf/PKCS#11 hybrid module seems to be the only possibility aside from >>> Open

PSARC 2009/353 ssh config update

Huie-Ying Lee wrote: > James Carlson wrote: >> Wyllys Ingersoll writes: >> >>> I filed the "ssh config update" fast track for Huie-Ying Lee. The >>> timer expires on 6/19/2009 >>> >> >> Previously, the configuration file had a

PSARC 2009/353 ssh config update

I filed the "ssh config update" fast track for Huie-Ying Lee. The timer expires on 6/19/2009 The release binding is micro (patch). Below is the patch for the default sshd_config file (a copy is also in the case directory). -Wyllys Ingersoll *** sshd_config.origWed Jun 10 16:

PSARC 2009/189 - Perl extensions for using OpenSSL

At this point, I think it can be marked closed/approved. -Wyllys Mark Phalan wrote: > On Wed, 2009-04-08 at 09:33 -0400, Wyllys Ingersoll wrote: >> Mark Phalan wrote: >>> On Wed, 2009-03-25 at 09:35 -0400, Wyllys Ingersoll wrote: >>> ... >>>> 1. Intr

PSARC 2009/189 - Perl extensions for using OpenSSL

Mark Phalan wrote: > On Wed, 2009-03-25 at 09:35 -0400, Wyllys Ingersoll wrote: > ... >> 1. Introduction >>1.1. Project/Component Working Name: >> >> Net::SSLeay - Perl extension for using OpenSSL > > > Can anyone tell me why this (two+ weeks old

PSARC 2009/189 - Perl extensions for using OpenSSL

I submitted this case for Mark Phalan on Monday but for some reason it never went out to the PSARC mailing list. I am emailing it here for the record. -Wyllys Ingersoll Template Version: @(#)onepager.txt 1.35 07/11/07 SMI Copyright 2009 Sun Microsystems 1. Introduction 1.1. Project

Tor [PSARC/2009/175 FastTrack timeout 03/19/2009]

Darren J Moffat wrote: > Wyllys Ingersoll wrote: >> Scott Rotondo wrote: >>> Wyllys Ingersoll wrote: >>>> >>>> I exchanged email with the lead engineer for the Tor project and he >>>> told me that >>>> Tor will use whatever it co

Tor [PSARC/2009/175 FastTrack timeout 03/19/2009]

Scott Rotondo wrote: > Wyllys Ingersoll wrote: >> >> I exchanged email with the lead engineer for the Tor project and he >> told me that >> Tor will use whatever it considers reasonable defaults if it doesn't >> find a config file (/etc/torrc). So, instead

Tor [PSARC/2009/175 FastTrack timeout 03/19/2009]

I exchanged email with the lead engineer for the Tor project and he told me that Tor will use whatever it considers reasonable defaults if it doesn't find a config file (/etc/torrc). So, instead of delivering a sample config file, I think it is better to deliver a working config file in /etc/to

Tor [PSARC/2009/175 FastTrack timeout 03/19/2009]

James Carlson wrote: > Stephen Hahn writes: >> * Wyllys Ingersoll [2009-03-12 18:14]: >>> This project will deliver an SMF manifest and script that will allow >>> the tor relay daemon to be restarted via SMF. The SMF service will be: >>> svc:/applica

Tor [PSARC/2009/175 FastTrack timeout 03/19/2009]

> /usr/man/man1/tor.1SFW Uncommitted /usr/man/man1/tor-resolve.1SFW Uncommitted /usr/man/man1/tor-gencert.1SFW Uncommitted >>> Similar questions here: shouldn't this be section 1M instead? >> .1 is where they live on a Linux system, but i

Tor [PSARC/2009/175 FastTrack timeout 03/19/2009]

Rainer Orth wrote: > Wyllys Ingersoll writes: > >> Deliverables >> >> /usr/bin/tor SFW Uncommitted >> /usr/bin/tor-resolve SFW Uncommitted >> /usr/bin/tor-gencert SFW Uncommitted > > Does this

Tor [PSARC/2009/175 FastTrack timeout 03/19/2009]

> > Agree, I'm not suggesting changes to Tor code. > > Yes, similar to ssh security/tor would need to: > > - define firewall_context and firewall_config property groups > - add some code in its method script to get the port numbers from the > config file and ask the framework to apply configur

Tor [PSARC/2009/175 FastTrack timeout 03/19/2009]

Tony Nguyen wrote: > > Wyllys, > > With the integration of 2008/580 Solaris host-based firewall, the new > tor service, with some small changes, can provide fine-grained access > control to its service and be consistent with existing services. Since > tor defines listening ports in a configura

pyOpenSSL 2.6 [PSARC/2009/176 FastTrack timeout 03/19/2009]

Brian Cameron wrote: > > Wyllys: > >> 4.2. Interfaces: >> >> >> >> >> >>Exported StabilityComments >> >>

Tor [PSARC/2009/175 FastTrack timeout 03/19/2009]

James Carlson wrote: > Wyllys Ingersoll writes: >> James Carlson wrote: >>> I might have misunderstood what you were saying (because I think >>> /etc/tor/ as a directory was proposed at one point). If /etc/tor is >>> just a plain file, then that sounds like th

Tor [PSARC/2009/175 FastTrack timeout 03/19/2009]

James Carlson wrote: > James Carlson writes: >> Wyllys Ingersoll writes: >>> OK, I will move it to /etc/tor >> OK. For what it's worth, since it's just a single file, you might >> want to consider "/etc/torrc". > > I might have misunderstoo

Tor [PSARC/2009/175 FastTrack timeout 03/19/2009]

James Carlson wrote: > Wyllys Ingersoll writes: >>> It really isn't. /etc/security contains configuration data for >>> system-wide OS security subsystems like auditing, RBAC, and Trusted >>> Extensions. Lots of other services have their own security-relevant &

Tor [PSARC/2009/175 FastTrack timeout 03/19/2009]

> > Maybe /etc/tor is a good choice for Solaris. It could be, I didn't see the need to create another new subdirectory just to hold 1 file. >> I put it in /etc/security since it is a security-related config file. >> > > It really isn't. /etc/security contains configuration data for > system-

Tor [PSARC/2009/175 FastTrack timeout 03/19/2009]

Scott Rotondo wrote: >> Deliverables >> >> /usr/bin/torSFWUncommitted >> /usr/bin/tor-resolveSFWUncommitted >> /usr/bin/tor-gencertSFWUncommitted >> >> /etc/security/torrc.sampleSFWUncommitted >> /usr/share/tor/geoipSFWUncommi

Tor [PSARC/2009/175 FastTrack timeout 03/19/2009]

A copy of the torrc.sample file has been put in the case directory. -Wyllys Wyllys Ingersoll wrote: > Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI > This information is Copyright 2009 Sun Microsystems > 1. Introduction > 1.1. Project/Component Working Name: >

pyOpenSSL 2.6 [PSARC/2009/176 FastTrack timeout 03/19/2009]

Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI This information is Copyright 2009 Sun Microsystems 1. Introduction 1.1. Project/Component Working Name: pyOpenSSL 2.6 1.2. Name of Document Author/Supplier: Author: HuieYing Lee 1.3 Date of This Document:

Tor [PSARC/2009/175 FastTrack timeout 03/19/2009]

Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI This information is Copyright 2009 Sun Microsystems 1. Introduction 1.1. Project/Component Working Name: Tor 1.2. Name of Document Author/Supplier: Author: Wyllys Ingersoll 1.3 Date of This Document: 12

[kerberos-discuss] Kerberos CCAPI [PSARC/2009/030 FastTrack timeout 01/22/2009]

Shawn M Emery wrote: > Rick Matthews wrote: >> Shawn, >> Correct me if I'm wrong, but I think you were going to do an >> umbrella clarifying this case. > > Yes, I'll file the umbrella case after I finish the prototype. By then > I will have a better understanding of resource requirements (mem

non-interactive destroy for kdb5_util [PSARC/2009/038 FastTrack timeout 01/28/2009]

Template Version: @(#)sac_nextcase %I% %G% SMI This information is Copyright 2009 Sun Microsystems 1. Introduction 1.1. Project/Component Working Name: non-interactive destroy for kdb5_util 1.2. Name of Document Author/Supplier: Author: Mark Phalan 1.3 Date of This

Kerberos CCAPI [PSARC/2009/030 FastTrack timeout 01/22/2009]

Darren J Moffat wrote: > I need more time to review the original case materials and the > comments on the completeness of this case from Nico. > > Please extend the timer a week. > > -- > Darren J Moffat I will make it so. -Wyllys

Kerberos CCAPI [PSARC/2009/030 FastTrack timeout 01/22/2009]

Template Version: @(#)sac_nextcase %I% %G% SMI This information is Copyright 2009 Sun Microsystems 1. Introduction 1.1. Project/Component Working Name: Kerberos CCAPI 1.2. Name of Document Author/Supplier: Author: Shawn Emery 1.3 Date of This Document: 15 Ja

PSARC 2008/725 TPM Support

This case is being marked as "closed approved". The project team is resolving the auditing concerns with the interested parties in a separate meeting. -Wyllys Ingersoll

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

>> No, that example is not quite applicable in this situation. "actions" >> w.r.t the TCS Daemon >> are not authenticated on a per-user basis. TCSD "authorizes" certain >> commands to be >> performed from a remote client depending on the configuration parameters >> in the tcsd.conf >> file

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

Krishna Yenduri wrote: > Wyllys Ingersoll wrote: >> Krishna Yenduri wrote: >>> Wyllys Ingersoll wrote: >>>> ... >>>> * TPM Device driver (tpm) >>>> The TPM device driver was developed in a joint effort between >>>> the Solaris

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

Krishna Yenduri wrote: > Wyllys Ingersoll wrote: >> ... >> * TPM Device driver (tpm) >> The TPM device driver was developed in a joint effort between the >> Solaris >> Security group and Dartmouth College and will be delivered on x86/64 >> based p

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

Gary Winiger wrote: > I'm just getting back to this (after the prereview) and getting my P1 > project under control. > > As I mentioned in the prereview, if the TMP stack is to be part of the next > Solaris Common Criteria evaluation (or anything build upon it is to be > part of that evaluation), I

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

Garrett D'Amore wrote: >> >> I disagree here. The TSS API is a documented standard interface, >> there are apps that write to the TSS API >> available that someone may want to port to Solaris once we have the >> interface delivered. There is already >> an open source community developing TCG a

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

Garrett D'Amore wrote: > A few thoughts here: > > #1: This is a fast track. If we are going to start insisting that the > project team make significant changes to the project (especially > changes to which the project team doesn't readily agree), then the > project should probably be derailed.

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

>> >> i disagree. i got the impression that what we're really delivering here >> is TSS support for applications and that the underly TPM device is an >> implementation detail (since apps use TSS libraries, which access the >> TSS daemon which is the component that knows about underlying (or rem

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

James Carlson wrote: >> The first case is possible now by accessing the TCS daemon over the >> network using >> standard TSS APIs. >> > > That doesn't work. There's no network connection that's necessarily > available between global and non-global zones. > > Yes, obviously. One must hav

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

Garrett D'Amore wrote: >> The TCS daemon is designed to be the primary access point, applications >> are never supposed to access the device directly. >> -Wyllys >> >> >> > This really sounds, to me at least, like the TPM/TCS should be a > global zone only thing. I see little merit in making pos

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

James Carlson wrote: > Wyllys Ingersoll writes: > >> sources.That is why I originally suggested that the TPM should only >> reside >> in the global zone and that local zones would access it over the network >> and be subject to access controls as specified in

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

>> >> What would you suggest in this case? I'm not very familiar with the unique >> requirements of Zones and device drivers. > > The unique requirement here is that if you're assuming in the kernel > that there's only one valid stream open on the device at a time, you'd > end up with one zone us

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

James Carlson wrote: > Wyllys Ingersoll writes: > >>> i think this would be a good stop-gap measure. it would simplify the >>> deployment of tss based application in one non-global zone. >>> >>> as an implementation detail, you'll probably want to

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

>> That might work. Obviously, there is no problem delivering the daemon and >> libraries >> in all zones. As long as there is only 1 instance of the TPM device in >> the kernel, >> and one reader/write of that device in userland (across all zones), I see >> no problem >> having the tpm devi

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

Edward Pilatowicz wrote: > >> This project is basically proposing to putback the current open source >> TSS stack (TrouSerS v0.3.1) and the above design comes from TrouSerS >> not from us. TrouSerS is currently being used on many Linux >> platforms that have TPM devices, all of which have the same

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

Edward Pilatowicz wrote: > i have some concerns about the zones integration proposed by this case. > > in general, we recommend that applications be deployed within zones > since that provides an easy way to contain application configuration. > with this proposal, if an administrator deploys an app

PSARC 2008/725 TPM Support

The manpage for the tpmadm(1M) command has been updated in the case materials directory. Attached is the updated version for interested readers. -Wyllys -- next part -- An embedded and charset-unspecified text was scrubbed... Name: tpmadm.1m URL:

PSARC 2008/725 TPM Support - man page updated

I updated the modified man page proposed for pktool(1) in the case materials directory. The changes are also attached here for anyone who wants a quick look. -Wyllys -- next part -- An embedded and charset-unspecified text was scrubbed... Name: pktool.1.diffs URL:

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

Gary Winiger wrote: >> The man pages associated with this case are in the materials directory. >> > > tmpadm.1 seems to be missing. > > Gary.. > Thanks for the reminder, it's there now. -Wyllys

TPM Support [PSARC/2008/725 FastTrack timeout 11/27/2008]

The man pages associated with this case are in the materials directory. -Wyllys

PSARC/2008/705 FastTrack timeout 11/19/2008

The pyOpenSSL case was approved at yesterday's meeting. -Wyllys

pyOpenSSL [PSARC/2008/705 FastTrack timeout 11/19/2008]

The latest spec has been posted to the case materials directory. -Wyllys Huie-Ying Lee wrote: > >> Template Version: @(#)sac_nextcase %I% %G% SMI >> This information is Copyright 2008 Sun Microsystems >> 1. Introduction >> 1.1. Project/Component Working Name: >> pyOpenSSL >> 1.2. N

PSARC 2008/631 - Kerberos PKINIT

The timer has expired and there haven't been any further comments, so I'm marking the Kerberos PKINT case as approved. -Wyllys Ingersoll

Kerberos PKINIT [PSARC/2008/631 FastTrack timeout 10/17/2008]

The updated man pages for this case are in the case directory under the "man" sub-dir. -Wyllys

[sparks-discuss] libldap:ber_printf() 'O' in format string [PSARC/2008/607 FastTrack timeout 10/01/2008]

Nicolas Williams wrote: >> The diffmarked manpage in the case materials explained it a bit better: >> > > For some reason said file does not appear on the opensolaris.org page > for this case. Can someone tell me how to make it appear there? > > In the meantime I've attached it to this post.

PSARC 2008/306 pktool CLI update - approved

This case timed out today and there were no comments. I am marking it as "closed approved." -Wyllys Ingersoll

PSARC 2007/642 SHA256/SHA512 crypt(3C) plugins - man pages

h sha implementation. -Wyllys Ingersoll -- next part -- An embedded and charset-unspecified text was scrubbed... Name: crypt_sha256.5 URL: <http://mail.opensolaris.org/pipermail/opensolaris-arc/attachments/20080423/05671eb6/attachment.ksh> -

PSARC 2006/283 Certificate & PKCS#11 PAM, module

I disagree. For many weeks now the submitter has answered the questions and made all of the corrective actions requested by the ARC on this case and now there is talk of derailing it?I don't think any architectural issues were found with the project. The documentation is weak, but the s

[kmf-discuss] restart of PSARC/2006/283 Certificate & PKCS#11 PAM module

Gary - Your issues seem to be around the documentation and the commitment levels. As has been mentioned numerous times, this is open-source code that is being brought into Solaris at the request of a large customer and the team needs to keep it as familiar as possible. Also, as Darren mentioned,

PSARC 2008/037 new EKU support for pktool and kmfcfg

This case was approved in today's meeting. -Wyllys

PSARC 2008/037 new EKU support for pktool and kmfcfg

Based on email exchanges from last week, I updated the man pages in the case directory to reflect that both kmfcfg(1) and pktool(1) are being moved to "Committed" status. -Wyllys

new EKU support for pktool and kmfcfg [PSARC/2008/037 FastTrack timeout 01/30/2008]

James Carlson wrote: >> However, if this (and also kmfcfg(1)) should have been "Committed" in >> the first place, >> then I have no problem with making that change here. >> > > The question should be about what stability the users of the tool > need, and what you're able to provide rather tha

new EKU support for pktool and kmfcfg [PSARC/2008/037 FastTrack timeout 01/30/2008]

James Carlson wrote: > Wyllys Ingersoll writes: > >> @@ -1145,11 +1199,11 @@ >> >> | ATTRIBUTE TYPE

PSARC 2007/604 KMF Pluggability Enhancements

This case was approved at today's meeting. -Wyllys

KMF Pluggability Enhancements [PSARC/2007/604 FastTrack timeout 10/24/2007]

The updated man page for kmfcfg(1) is in the case directory (orig, diff, and new) -Wyllys Wyllys Ingersoll wrote: > Template Version: @(#)sac_nextcase 1.64 07/13/07 SMI > This information is Copyright 2007 Sun Microsystems > 1. Introduction > 1.1. Project/Component

KMF Pluggability Enhancements [PSARC/2007/604 FastTrack timeout 10/24/2007]

The updated man page for kmfcfg(1) is in the case directory (orig, diff, and new) -Wyllys Wyllys Ingersoll wrote: > Template Version: @(#)sac_nextcase 1.64 07/13/07 SMI > This information is Copyright 2007 Sun Microsystems > 1. Introduction > 1.1. Project/Component

PSARC 2007/465 pktool symmetric key enhancements

Gary Winiger wrote: >> The case directory for PSARC 2007/465 has copies of the proposed >> man page changes. >> > > Just for the record, what's the release binding? > I also presume the changes keep the original taxonomy. > > Gary.. > release binding = micro/patch interface ta

PSARC 2007/465 pktool symmetric key enhancements

The case directory for PSARC 2007/465 has copies of the proposed man page changes. pktool.1 - current page pktool.1.new - proposed new page pktool.1.diff - context diffs between old and new -Wyllys Ingersoll

[crypto-discuss] Elliptic-Curve Cryptography for Solaris [PSARC/2007/446 Self Review]

Darren J Moffat wrote: >> in particular, is this expected to automatically enable use of >> certificates which either contain, or are signed by, an ECC key, or is >> additional work to consumers of this interface required beyond plugging >> the algorithms in? >> > > Updates to KMF maybe requir

PSARC 2007/426 KMFAPI Interface Taxonomy Change

This case was approved today. -Wyllys

PSARC 2007/401kclient version 2

This case was approved today. -Wyllys

krb5_ldap_util command for Solaris Kerberos [PSARC/2007/368 FastTrack timeout 06/26/,2007]

James C. McPherson wrote: > Wyllys Ingersoll wrote: >> I am sponsoring the following fast-track for Will Fiveash. >> >> * The release binding is patch/micro. >> * The interface stability is committed. >> * The timer is set for 1 week (6/27/2007) >> >&

krb5_ldap_util command for Solaris Kerberos [PSARC/2007/368 FastTrack timeout 06/26/,2007]

I am sponsoring the following fast-track for Will Fiveash. * The release binding is patch/micro. * The interface stability is committed. * The timer is set for 1 week (6/27/2007) - Wyllys Ingersoll -- next part -- An embedded and charset-unspecified text was scrubbed

PSARC/2007/334 Add Wireshark 0.99.5 into Solaris

Nicolas Williams wrote: > >> Thus, we're stuck in a very strange place. We end up with a situation >> where we deliver a nice new tool that works much better than the old >> one (and one that many of us in networking in fact have used for >> years), but the ARC will continue to advise new project

Fast track review - PSARC/2007/284 Dwarf Caiman, New Solaris Install GUI - updated spec

... 3.1.4 The SunStudio and NetBeans tools: 1. Initial Install: a) Installation behavior and scripts are provided by the Developer tools team. b) During initial install Sun Studio 12 will be