Mailinglist Archive: yast-devel (233 mails)

< Previous Next >
Re: [yast-devel] GUI related questions about registration
  • From: Klaus Kaempf <kkaempf@xxxxxxx>
  • Date: Thu, 1 Oct 2009 11:13:18 +0200
  • Message-id: <20091001091318.GC15217@xxxxxxxxxxxxx>
* Martin Schmidkunz <mschmidkunz@xxxxxxx> [Oct 01. 2009 09:47]:

I am just pondering about the design of the "Details of Registration
Server" dialog, where the user is able to modify the registration
server and to administer needed certificates and I have some
questions about it:
* Do we want to do configuration of registration server via GUI at all?
No. I don't see this requested and it also wouldn't match our target
audience (unexperienced users).

* Is there more than one certificate issued by the registration
server? From my talk with Jens Daniel I got the information, that
there will be one registration server so I guess that it will issue
one certificate, but you know how it is with guessing :-)
Ask Michael Calmer and Thomas Goettlicher, they're handling such
issues for SLMS.

I currently see two certificates in the WebYaST architecture.
1. To establish trust between the appliance and the registration server.
2. To establish trust between the appliance and the browser.

case 1 would ideally be handled when creating the appliance by
pre-installing the certificate on the appliance.
If this is not the case, we need an acceptance pop-up in WebYaST.

case 2 would be a no-brainer if the vendor installs a 'commercial'
certificate, i.e. one with a trust chain already build into the browser.
Otherwise, certificate acceptance is done by the browser outside
WebYaSTs influence.

* Does acceptance of certificate mean that, a user action is
required to accept/install it?
I'd say yes for both cases.

* How are "Do you want to accept this certificate?" pop ups handled,
which are provided by a browser?
You must not influence those. Its up to the user, not the originating
website to accept/deny trust.

Are they suppressed or if enabled would the user accept the certificate
by clicking the pop up instead of a button in the webYaST GUI?

For case 1 above, the dialog is handled by the browser. For case 2
WebYaST must provision this.

* Do we want to visualize import/export certificate in the GUI?
Would we need this ? Whats the usecase here ?

* Do we want to allow the user to delete a certificate or do we just
display a certificate obtained by connecting to registration server?
The latter. Certification management is not a priority right now.


SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG N├╝rnberg)

To unsubscribe, e-mail: yast-devel+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: yast-devel+help@xxxxxxxxxxxx

< Previous Next >