After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 637966 - Read-only PKCS#11 module for root settings
Read-only PKCS#11 module for root settings
Status: RESOLVED FIXED
Product: gnome-keyring
Classification: Core
Component: pkcs11
unspecified
Other Linux
: Normal normal
: ---
Assigned To: GNOME keyring maintainer(s)
GNOME keyring maintainer(s)
Depends on:
Blocks:
 
 
Reported: 2010-12-24 15:56 UTC by Stef Walter
Modified: 2016-02-23 09:54 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description Stef Walter 2010-12-24 15:56:18 UTC
For the system CA certificates, and possibly CRLs and other stuff, we shouldn't need to call into gnome-keyring-daemon. There should be a pkcs11 module which loads these things in-process.

This PKCS#11 module will be read-only and can't use any private data. Writable stuff and private stuff will need to continue to be handled by the daemon. So this will be limited to exposing system trust and certificates.
Comment 1 Stef Walter 2016-02-23 09:54:23 UTC
Closing. p11-kit trust implemented this.