Re: [Freeipa-devel] [PATCH] 0055 Fix tests which fail after ipa-adtrust-install

On 08/09/2013 04:03 PM, Ana Krivokapic wrote: On 08/09/2013 09:39 AM, Tomas Babej wrote: On 08/08/2013 04:09 PM, Ana Krivokapic wrote: Hello, This patch should fix the failing unit tests. https://fedorahosted.org/freeipa/ticket/3852 ___ Freeipa-d

Re: [Freeipa-devel] DNSSEC support design considerations: key material handling

On 9.8.2013 15:12, Rob Crittenden wrote: Simo Sorce wrote: On Fri, 2013-08-09 at 10:42 +0200, Petr Spacek wrote: On 23.7.2013 10:55, Petr Spacek wrote: On 19.7.2013 19:55, Simo Sorce wrote: I will reply to the rest of the message later if necessary, still digesting some of your answers, but I

Re: [Freeipa-devel] DNSSEC support design considerations: key material handling

On Friday, August 09, 2013 08:49:29 AM Simo Sorce wrote: > > Dmitri, Martin and me discussed this proposal in person and the new plan > > is: - Elect one super-master which will handle key generation (as we do > > with special CA certificates) > > I guess we can start this way, but how do you dete

Re: [Freeipa-devel] [PATCH] 0055 Fix tests which fail after ipa-adtrust-install

On 08/09/2013 09:39 AM, Tomas Babej wrote: > On 08/08/2013 04:09 PM, Ana Krivokapic wrote: >> Hello, >> >> This patch should fix the failing unit tests. >> >> https://fedorahosted.org/freeipa/ticket/3852 >> >> >> >> ___ >> Freeipa-devel mailing list >> Fr

Re: [Freeipa-devel] DNSSEC support design considerations: key material handling

Simo Sorce wrote: On Fri, 2013-08-09 at 10:42 +0200, Petr Spacek wrote: On 23.7.2013 10:55, Petr Spacek wrote: On 19.7.2013 19:55, Simo Sorce wrote: I will reply to the rest of the message later if necessary, still digesting some of your answers, but I wanted to address the following first. O

Re: [Freeipa-devel] DNSSEC support design considerations: key material handling

On Fri, 2013-08-09 at 10:42 +0200, Petr Spacek wrote: > On 23.7.2013 10:55, Petr Spacek wrote: > > On 19.7.2013 19:55, Simo Sorce wrote: > >> I will reply to the rest of the message later if necessary, still > >> digesting some of your answers, but I wanted to address the following > >> first. > >>

[Freeipa-devel] certmonger/oddjob for DNSSEC key maintenance

Hello, I would like to get opinions about key maintenance for DNSSEC. Problem summary: - FreeIPA will support DNSSEC - DNSSEC deployment requires <2,n> cryptographic keys for each DNS zone (i.e. objects in LDAP) - The same keys are shared by all FreeIPA servers - Keys have limited lifetime and

Re: [Freeipa-devel] [PATCH 0073] Remove support for IPA deployments with no persistent search

On 08/09/2013 12:02 PM, Tomas Babej wrote: > On 08/08/2013 06:20 PM, Martin Kosek wrote: >> On 08/07/2013 04:52 PM, Tomas Babej wrote: >>> On 08/05/2013 05:59 PM, Martin Kosek wrote: On 07/17/2013 01:47 PM, Tomas Babej wrote: >> I will release version 3.5 before end of this week. I have so

Re: [Freeipa-devel] [PATCH 0073] Remove support for IPA deployments with no persistent search

On 08/08/2013 06:20 PM, Martin Kosek wrote: On 08/07/2013 04:52 PM, Tomas Babej wrote: On 08/05/2013 05:59 PM, Martin Kosek wrote: On 07/17/2013 01:47 PM, Tomas Babej wrote: I will release version 3.5 before end of this week. I have some small fixes ready so it is worth to release it now. To

Re: [Freeipa-devel] DNSSEC support design considerations: key material handling

On 23.7.2013 10:55, Petr Spacek wrote: On 19.7.2013 19:55, Simo Sorce wrote: I will reply to the rest of the message later if necessary, still digesting some of your answers, but I wanted to address the following first. On Fri, 2013-07-19 at 18:29 +0200, Petr Spacek wrote: The most important

Re: [Freeipa-devel] [PATCH] 0055 Fix tests which fail after ipa-adtrust-install

On 08/08/2013 04:09 PM, Ana Krivokapic wrote: Hello, This patch should fix the failing unit tests. https://fedorahosted.org/freeipa/ticket/3852 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-