On 03/04/2014 11:08 AM, Petr Spacek wrote:
On 16.2.2014 13:22, Simo Sorce wrote:
On Fri, 2014-02-14 at 14:51 +0100, Petr Spacek wrote:
I have got an silly idea to use TPM (Trusted Platform Module) as
Keytab storage (via GSS-Proxy).
GSS-Proxy prevents application from accessing key material, right? So
GSS-Proxy could theoretically store keys in TPM and application
notice any difference, right?
We have libraries for that in Fedora already:
Even sillier idea is to use TPM as a PKCS#11 module:
I have no idea what the use case could be ... :-) May be as a
PKCS#11 module in SSSD?
As I said, it is just a silly idea.
Open a ticket in the GSS-Proxy trac :)
Is it a good topic for bachelor/master thesis? We are going to send
list of topics for next year so we have a chance to add it.
We are not going to touch this any time soon so it sounds like a good
idea to me.
I am not sure. Sounds like a lot of work with questionable results...
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
Looking to carve out IT costs?
Freeipa-devel mailing list