On Mon, Nov 24, 2014 at 11:04:50AM -0500, Rob Crittenden wrote: > Outback Dingo wrote: > > Im curious about monkeysphere http://web.monkeysphere.info/ and how > > it might compare, integrate, enhance freeipa ..... any thoughts, or > > ideas, or is what it does basically already covered via freeipa? > > > > > > There does seem to be a fair bit of overlap with the SSH key > distribituion/validation. > > We attempt CA fetching in a similar way, by using a trusted mechanism to > fetch it. We use Kerberos when available. > > rob > The projects have very different goals - Monkeysphere is web-of-trust whereas FreeIPA uses centralised authentication and a chain-of-trust PKI - so I do not see much scope for direct integration.
Rob's point about some of the underlying mechanisms being similar is accurate - a cross-pollination of ideas or implementations could reduce overall effort. Fraser -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
