[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ekmi] Groups - EKMI Implementation and Operations Guidelines(ODT)
Arshad Noor skrev: > I don't see why SKMS cannot precede PKI in the Implementation Guide > document; they will both be equivalent players in an EKMI, so discussing > either first, would be appropriate. I just though about the people that only have the energy to browse through the first part of the document :) > WRT the directory, Tomas, most PKIs that I've been involved with in the > past have required publishing certificates to Active Directory or some > other form of LDAP - although the last 2 we deployed did not require > that. Technically, there is no requirement for it unless the business > required it; but if the business did require it, it would be good to > discuss it in the guidelines document. Perhaps we should move it to > an Appendix as an optional component of a PKI. Any other thoughts on > this from others? My feeling is that we should limit the description to the EKMI domain. If it's not a requirement for EKMI it's out. If it's a technical requirement for some PKI implementation, then it should be regarded as an implementation issue. I don't see the EKMI ever making use of the directory as a directory service, does naybode else see that? > P.S. I need to study XKMS a little bit before I can say speak > intelligently on the subject, since I have not delved into XKMS too > deeply. Other than the W3C site with the specification, are there > any other documents/presentations that you'd recommend to us for > our reading list? Thanks Tomas. No unforturnately not. I did not do the XKMS implementation in EJBCA myself, so I have only heard it from another source. He says that XKMS is used/suitable for client enrollment anyhow. Cheers, Tomas
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]