Package: wnpp
Severity: wishlist
Owner: Martin Pitt
* Package name: sscg
Version : 2.6.2
Upstream Author : Stephen Gallagher
* URL : https://github.com/sgallagher/sscg/
* License : GPL-3+ with OpenSSL exception
Description :
sscg is a utility to aid in the creation of more secure "self-signed"
certificates. The certificates created by this tool are generated in a
way so as to create a CA certificate that can be safely imported into a
client machine to trust the service certificate without needing to set
up a full PKI environment and without exposing the machine to a risk of
false signatures from the service certificate.
See this blog post for details:
https://sgallagh.wordpress.com/2016/05/02/self-signed-ssltls-certificates-why-they-are-terrible-and-a-better-alternative/
Cockpit's web server makes use of sscg if it is available, as a slightly better
alternative than direct self-signed certificates.
CC'ing upstream author Stephen for questions about the functionality.
I recently sent the Debian packaging to the upstream project, where it will run
in CI for each PR: https://github.com/sgallagher/sscg/pull/22
Thanks,
Martin
signature.asc
Description: PGP signature