Re: [Pki-devel] SSO

model, that doesn't currently exist for anything but Dogtag's internal users and cert-auth capability. - A - Original Message - > From: "Pascal Jakobi" > To: "Alex Scheel" > Sent: Thursday, July 2, 2020 11:39:32 AM > Subject: Re: [Pki-devel] SSO >

Re: [Pki-devel] SSO

There's a proposal for GSS-API auth: https://www.dogtagpki.org/wiki/GSS-API_authentication https://www.freeipa.org/page/V4/Dogtag_GSS-API_Authentication However, it isn't implemented yet. This would probably suffice for SSO though. My 2c, - Alex - Original Message - > From: "Dinesh P

[Pki-devel] CVEs in RHEL 7

Hey Amy, Matt asked about our CVE response in RHEL 7. As far as I know, we have the following CVEs (grouped below by category). Third Party: - CVE-2016-10735 (bootstrap) XSS Moderate - CVE-2018-14040 (bootstrap) XSS Moderate - CVE-2018-14042 (bootstrap) XSS Moderate - CVE-2019-8331 (bootstr

Re: [Pki-devel] [Pki-users] How to generate the certificate in pkcs #12 format using Dogtag PKI

Hi Sarath, I think a X509 Certificate with "digital signature" key usage would suffice based on what I can tell: - https://helpx.adobe.com/acrobat/using/certificate-based-signatures.html - https://tools.ietf.org/html/rfc5280#section-4.2.1.3 - https://access.redhat.com/documentation/en-us/red