p11-glue in debian, debconf11 discussion

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Jul 7 11:28:36 PDT 2011

hi p11 folks (and stef in particular)--

I'm de-lurking now :)

Is p11-glue packaged for Debian yet? I don't see any package in the
debian archive under that name.  If it's not already done, i'd be
interested in helping out with the packaging so the ideas of this
project can see wider adoption.  Would that be useful?

Also, I will be leading a session at DebConf11 (the annual debian
conference, happening later this month) titled "Debian as though
cryptographic authentication mattered".

I think a pluggable architecture like PKCS#11 is critical for a coherent
user experience of cryptographic authentication, though i have some
concerns about the scope of PKCS#11 itself (which i'll bring up in
another message to this list shortly).

Anyway, I welcome feedback on things to present in the session, and if
there are any concerns interested parties have about the relevant topics.

The current abstract for the talk is:

 This talk will cover cryptographic authentication within debian, how we
can better streamline the situation for our users, minimize code,
increase freedom, and help rein in the "too big to fail" members of the
Certificate Authority cartel which dominates the standard cryptographic
authentication model for TLS and S/MIME.

I'll talk about:

 * cryptographic authentication agents (both per-user and per-system)

 * the various forms of cryptographic certification we already support
in debian

 * minimizing and streamlining code that handles this sensitive task

 * making user choice easier, more understandable, and more effective
across the distro

 * collaboration with other distros and other operating systems

If anyone on this list is going to be at DC11 (or in or near Bosnia
later this month), i would welcome your presence in person at the
discussion too.

Hopefully we can help push this kind of idea forward together.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freedesktop.org/archives/p11-glue/attachments/20110707/0d4bcd67/attachment.pgp>

More information about the p11-glue mailing list