On Tue, 2012-11-13 at 11:18 +0100, Christian Hilberg wrote: > My question now (for documenting the status quo) is whether anyone > is currently working on getting certificate-based client authentication > utilizing a TPM flying in Evolution for OpenLDAP+GnuTLS at present > or whether there are any plans to support this use case in the > near future.
No one is working on it at the moment, and I don't see it being supported in the near future without sufficient demand or external contributors. I can't speak for Milan, but for me it's more ignorance in this area than objection or lack of interest. I will say that I'd like to see Evolution (Camel in particular) stop talking directly to NSS and defer certificate management to the various security libraries and APIs in the GNOME platform -- p11-kit, libgck, GTlsCertificate in libgio, etc. We haven't even begun to utilize these libraries yet (except perhaps through libsoup), and I sense there's a lot of redundancy in our code that could be eliminated by doing so, not to mention automatically gaining more consistent and probably improved behavior. But not yet being very familiar with these libraries, at present I can only make hand-wavy motions in their general direction. I'm hoping next year we can start taking real steps in that direction. That's the best answer I can offer for now. In the meantime, maybe consider using a Virtual Private Network. ;) Matthew Barnes _______________________________________________ evolution-hackers mailing list [email protected] To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-hackers
