blob: fc13e543bd02e5d3c0ce20411437e1fa03b329d4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
{% extends "base.incl" %}
{% block title %}p11-kit{% endblock %}
{% block content %}
<h1>Spec: Sharing Trust Policy</h1>
<p>Various crypto libraries have various ways to represent and store information
about which Certificate Authorities are to be used as trust anchors. They also
have different ways to represent certificates that are blacklisted.</p>
<p>This has led to a poor experience and a lack of coherency on Linux when it
comes to validating certificates.</p>
<p>This is an effort to define a standard way to represent trust policy, anchor
certificates and black lists. These should be represented in a coherent and
future-proof manner. The outlined solution, in addition to be an extensible concept,
is relatively easy to implement and retrofit into existing code.</p>
<p><a href="/doc/sharing-trust-policy/">The specification document</a> is in a
state of early construction.</p>
<h2>Contributing</h2>
<ul>
<li>Mailing list:
<a href="http://lists.freedesktop.org/mailman/listinfo/p11-glue">p11-glue@lists.freedesktop.org</a></li>
<li>Bugs:
<a href="https://bugs.freedesktop.org/enter_bug.cgi?product=p11-glue">bugs.freedesktop.org</a></li>
</ul>
{% endblock %}
|
