-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2010-3177 2010-08-09 17:27:49 --------------------------------------------------------------------------------
Name : pki-tks Product : Fedora EPEL 5 Version : 1.3.3 Release : 1.el5 URL : http://pki.fedoraproject.org/ Summary : Dogtag Certificate System - Token Key Service Description : Dogtag Certificate System is an enterprise software system designed to manage enterprise Public Key Infrastructure (PKI) deployments.
The Dogtag Token Key Service is an optional PKI subsystem that manages the master key(s) and the transport key(s) required to generate and distribute keys for hardware tokens. Dogtag Token Key Service provides the security between tokens and an instance of Dogtag Token Processing System, where the security relies upon the relationship between the master key and the token keys. A Dogtag Token Processing System communicates with a Dogtag Token Key Service over SSL using client authentication.
Dogtag Token Key Service helps establish a secure channel (signed and encrypted) between the token and the Dogtag Token Processing System, provides proof of presence of the security token during enrollment, and supports key changeover when the master key changes on the Dogtag Token Key Service. Tokens with older keys will get new token keys.
Because of the sensitivity of the data that Dogtag Token Key Service manages, Dogtag Token Key Service should be set up behind the firewall with restricted access.
-------------------------------------------------------------------------------- Update Information:
various bug fixes Add 'pki-console' as a runtime dependency Supply convenience symlink(s) for backwards compatibility -------------------------------------------------------------------------------- References:
[ 1 ] Bug #566059 - Add 'pki-console' as a runtime dependency for CA, KRA, OCSP, and TKS . . . https://bugzilla.redhat.com/show_bug.cgi?id=566059 [ 2 ] Bug #562986 - Supply convenience symlink(s) for backwards compatibility (rename jar files as appropriate) https://bugzilla.redhat.com/show_bug.cgi?id=562986 [ 3 ] Bug #553075 - Apply "registry" logic to pki-tks . . . https://bugzilla.redhat.com/show_bug.cgi?id=553075 --------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use su -c 'yum update pki-tks' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
epel-package-announce@lists.fedoraproject.org