* Martin Schmidkunz <[email protected]> [Oct 01. 2009 09:47]: > Hi, > > I am just pondering about the design of the "Details of Registration > Server" dialog, where the user is able to modify the registration > server and to administer needed certificates and I have some > questions about it: > * Do we want to do configuration of registration server via GUI at all? No. I don't see this requested and it also wouldn't match our target audience (unexperienced users).
> * Is there more than one certificate issued by the registration > server? From my talk with Jens Daniel I got the information, that > there will be one registration server so I guess that it will issue > one certificate, but you know how it is with guessing :-) Ask Michael Calmer and Thomas Goettlicher, they're handling such issues for SLMS. I currently see two certificates in the WebYaST architecture. 1. To establish trust between the appliance and the registration server. 2. To establish trust between the appliance and the browser. case 1 would ideally be handled when creating the appliance by pre-installing the certificate on the appliance. If this is not the case, we need an acceptance pop-up in WebYaST. case 2 would be a no-brainer if the vendor installs a 'commercial' certificate, i.e. one with a trust chain already build into the browser. Otherwise, certificate acceptance is done by the browser outside WebYaSTs influence. > * Does acceptance of certificate mean that, a user action is > required to accept/install it? I'd say yes for both cases. > * How are "Do you want to accept this certificate?" pop ups handled, > which are provided by a browser? You must not influence those. Its up to the user, not the originating website to accept/deny trust. > Are they suppressed or if enabled would the user accept the certificate > by clicking the pop up instead of a button in the webYaST GUI? For case 1 above, the dialog is handled by the browser. For case 2 WebYaST must provision this. > * Do we want to visualize import/export certificate in the GUI? Would we need this ? Whats the usecase here ? > * Do we want to allow the user to delete a certificate or do we just > display a certificate obtained by connecting to registration server? The latter. Certification management is not a priority right now. Hth, Klaus --- SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg) -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
