On Mon, Nov 24, 2014 at 11:04:50AM -0500, Rob Crittenden wrote:
> Outback Dingo wrote:
> > Im curious about monkeysphere http://web.monkeysphere.info/  and how
> > it might compare, integrate, enhance freeipa ..... any thoughts, or
> > ideas, or is what it does basically already covered via freeipa?
> > 
> > 
> 
> There does seem to be a fair bit of overlap with the SSH key
> distribituion/validation.
> 
> We attempt CA fetching in a similar way, by using a trusted mechanism to
> fetch it. We use Kerberos when available.
> 
> rob
> 
The projects have very different goals - Monkeysphere is
web-of-trust whereas FreeIPA uses centralised authentication and a
chain-of-trust PKI - so I do not see much scope for direct
integration.

Rob's point about some of the underlying mechanisms being similar is
accurate - a cross-pollination of ideas or implementations could
reduce overall effort.

Fraser

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to