This project will provide a unified set of interfaces (both programming APIs and administrative tools) for managing PKI objects in Solaris. Currently, there are at several different "keystore systems" that developers and administrators must choose when designing systems that employ PKI technologies - NSS, OpenSSL, and PKCS#11 are the 3 main choices for Solaris users. Each of these systems presents very different programming APIs and administrative tools and none of them has any sort of concept of a PKI policy enforcement system.
The project page is here: http://www.opensolaris.org/os/project/kmf Information about our mailing list is here: http://www.opensolaris.org/os/project/kmf/discussions The project page currently contains some basic overview information and a slide presentation that covers some of the features in more detail. In the coming days/weeks/months we will be publishing a more detailed design document and eventually we will roll out our code for public inspection. Please have a look and let us know what you think. -- Wyllys Ingersoll
