Certificate Management stuff
Ivan R. Judson
judson at mcs.anl.gov
Wed Jan 28 15:38:44 CST 2004
> -----Original Message-----
> From: Robert Olson [mailto:olson at mcs.anl.gov]
> Sent: Wednesday, January 28, 2004 3:18 PM
> To: judson at mcs.anl.gov; 'Keith Jackson'
> Cc: 'AG Dev'; 'Matt Rodriguez'
> Subject: RE: Certificate Management stuff
>
>
> >Bob, do you have a set of interfaces that you use to access
> certificate
> >information from python? Is that list of interfaces sufficient if
> >supplied to you?
>
> I use a good deal of the interfaces exposed by
> OpenSSL_AG.crypto. These are interfaces for access to
> public/private keys, certificates and certificate requests,
> including access to X509 Names, extensions, attributes.
>
> Classes include crypto.X509, .X509Name, .X509Req,
> .X509Extension, .PKey.
>
> How about just using pyOpenSSL as it just works and we've
> already done release enginnering with it. Seems a big
> overhead to reimplement what we already have when there is so
> much else to do.
Being so core to our toolkit, it significanly limits the distributability of
our code. M2Crypto is the standard SSL solution for SOAPpy and WSTools, most
likely ZSI as well, so I'm interested in if it has the interfaces we care
about.
Alternatively, that being bsd, Keith, et al, could actually use those
interface files and generate code against the openssl include in globus,
extending the pyGlobus interfaces to include what we care about (and is
provided by the libs below anyhow).
It's just a general cleanup, but it aligns us with the the rest of software
stack we're using, which is very nice.
--Ivan
More information about the ag-dev
mailing list