F21 Self Contained Change: Remote Journal Logging
Alexander Bokovoy
abokovoy at redhat.com
Mon Apr 14 15:58:36 UTC 2014
On Mon, 14 Apr 2014, Zbigniew Jędrzejewski-Szmek wrote:
>On Mon, Apr 14, 2014 at 05:19:17PM +0300, Alexander Bokovoy wrote:
>> How certificates are managed for sender and receiver parts?
>By some external means... This could be automated, e.g. using
>certmaster, but I don't want to tie to a specific certificate
>distribution implementation.
Ok. I was worried you'll do the opposite. ;)
>> Who generates them? Do you require explicit placement of the
>> certificates prior to enabling the service?
>Yes. I want to push towards having the certificates in place in the
>default location, although it is of course possible to specify an alternate
>location through the config file, or even turn off certificate checking,
>but the defaults are supposed to be secure.
Agreed.
--
/ Alexander Bokovoy
More information about the devel
mailing list