On Sun, Dec 07, 2008 at 06:54:16AM -0000, David Smith wrote: > OK. First, what do you mean by basic TLS support in ubuntu? AFAICS the > bits this bug depends on are already in place, everything but > backporting this patch which doesn't appear to be that much work (I'm > using it locally against your current NM0.7 package in intrepid).
AFAIK, upstream landed this stuff against the "new" api (after the accessor function migration) ... so I assume cherry picking doesnt work. If the patches in bugzilla are _before_ the accessor migration then yes, the backport should work easily and I am sorry for the delay. If you want attach the patches you use here, so I can just add them on next update round. Again sorry for the delay. (also excuse if i miss some detail, currently writing this mail from a plane). > > To answer your second question, I wrote the patches for wpasupplicant to > support configuring smartcards over dbus, that was included upstream > many moons ago and is in the wpasupplicant version already shipping in > intrepid. The patch that I'm asking to include gives libnm-util the > ability to handle the necessary configuration parameters to send to > wpasupplicant; it doesn't make setting them available in the applet yet > but at least makes them usable from the system-settings facility or > directly settable over dbus which on its own a huge benefit and makes NM > completely usable for connecting to my 802.1x protected TLS network via > the private key and certificate stored in my TPM chip, which is emulated > as a smartcard to the system via opencryptoki. This is specifically > intended for those of us who either realize that storing private keys on > the filesystem is unsafe and want to better protect our security by > using cryptographic hardware storage, or those of us at organizations > who have a policy that these private keys must be stored in such format, > e.g. for Windows, use of the MS crypto API storage which is bound to the > TPM on the laptop. Does that answer your question? OK thanks. If the patches are attached to this bug I will look and use them. If they are not it would be helpful to just attach them explicitly here too. (same plane excuse from above applies). Thanks for your help and for understanding the delay on my side. - Alexander -- NetworkManager should support smartcard based certificate https://bugs.launchpad.net/bugs/120363 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs