cacert/cacert-policies
9
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

CPS Technical Solutions #2

New issue
Closed
opened 2024-02-21 19:22:14 +00:00 by alkas · 3 comments
alkas commented 2024-02-21 19:22:14 +00:00
Member
Copy link

CPS Technical Solutions

0. Introduction, concepts

1. Types of certificates: PGP, X.509, client, server, root CA, intermediate CA.

2. Purposes of a user certificate - what it is used for - templates, restrictions, legal conotations

3. User certificate requirements given by the rules from above (CAB)

a) validity max. 1 year

b) user certs should be signed only by the intermediate CA certificate

4. CAcert User Certificate Issuance Rules (Client and Server)

a) up to 49 APs

b) 50-99 APs

c) 100+ APs

d) assurer - ability to sign documents, software

5. Certificate templates

a) client

b) server

c) PGP ?

6. Certificate structure

a) X.509: data, from where (CSR, user account, template)

b) dtto for PGP

7. Other (critically according to existing CPS)

# CPS Technical Solutions ## 0. Introduction, concepts ## 1. Types of certificates: PGP, X.509, client, server, root CA, intermediate CA. ## 2. Purposes of a user certificate - what it is used for - templates, restrictions, legal conotations ## 3. User certificate requirements given by the rules from above (CAB) ### a) validity max. 1 year ### b) user certs should be signed only by the intermediate CA certificate ## 4. CAcert User Certificate Issuance Rules (Client and Server) ### a) up to 49 APs ### b) 50-99 APs ### c) 100+ APs ### d) assurer - ability to sign documents, software ## 5. Certificate templates ### a) client ### b) server ### c) PGP ? ## 6. Certificate structure ### a) X.509: data, from where (CSR, user account, template) ### b) dtto for PGP ## 7. Other (critically according to existing CPS)
jandd commented 2024-02-22 10:58:41 +00:00
Owner
Copy link

Hi @alkas,

pull requests are meant to discuss changes to existing files or new files in a repository. From a git perspective this pull request is empty because it contains no git commits.

The normal process to create a pull request is the following:

  1. clone the repository to your machine

    git clone https://code.cacert.org/cacert/cacert-policies.git

  2. create a branch for your planned modifications

    git checkout -b your-branch-name

  3. edit or add files in your local clone of the repository

  4. add and commit your changes

    git commit -a -m "Structure for CPS Technical Solutions"

  5. Push your changes to the central repository

    git push -u origin your-branch-name

When you push your changes the git client will show advice how to create a pull request to merge the changes from your-branch-name to the main branch. This pull request can then be reviewed and discussed with other contributors. Modifications to the pull request itself can be added by committing/pushing additional changes to the your-branch-name branch.

You may also edit files in the browser, but this is quite limited in comparison to the workflow described above.

Kind regards
Jan

Hi @alkas, pull requests are meant to discuss changes to existing files or new files in a repository. From a git perspective this pull request is empty because it contains no git commits. The normal process to create a pull request is the following: 1. clone the repository to your machine ``` git clone https://code.cacert.org/cacert/cacert-policies.git ``` 2. create a branch for your planned modifications ``` git checkout -b your-branch-name ``` 3. edit or add files in your local clone of the repository 4. add and commit your changes ``` git commit -a -m "Structure for CPS Technical Solutions" ``` 5. Push your changes to the central repository ``` git push -u origin your-branch-name ``` When you push your changes the git client will show advice how to create a pull request to merge the changes from your-branch-name to the main branch. This pull request can then be reviewed and discussed with other contributors. Modifications to the pull request itself can be added by committing/pushing additional changes to the your-branch-name branch. You may also edit files in the browser, but this is quite limited in comparison to the workflow described above. Kind regards Jan
knilsson commented 2024-03-25 10:08:00 +00:00
Member
Copy link

Thank you, @jandd !
I have reviewed and approved that PR, so it's now visible on the first page of the repo of the policies.
https://code.cacert.org/cacert/cacert-policies

@alkas if we use this method, described by Jan, then all text suggestions will be visible here in the repo, so we can discuss them, and not have to send emails back and forth.

Also, THANK YOU, @alkas ! for picking up the baton where I so clearly dropped it, and pushing forward with this process of improving the CPS.

Thank you, @jandd ! I have reviewed and approved that PR, so it's now visible on the first page of the repo of the policies. https://code.cacert.org/cacert/cacert-policies @alkas if we use this method, described by Jan, then all text suggestions will be visible here in the repo, so we can discuss them, and not have to send emails back and forth. Also, THANK YOU, @alkas ! for picking up the baton where I so clearly dropped it, and pushing forward with this process of improving the CPS.
jandd commented 2024-09-21 06:06:11 +00:00
Owner
Copy link

I close this issue to avoid lingering open issues. The procedure to get changes into the repository has been described in https://code.cacert.org/cacert/cacert-policies/src/branch/main/README.md.

I close this issue to avoid lingering open issues. The procedure to get changes into the repository has been described in https://code.cacert.org/cacert/cacert-policies/src/branch/main/README.md.
jandd closed this issue 2024-09-21 06:06:12 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
cps-for-new-certificate-hierarchy-proposal
CPS-parts
merge-webdb-policy-changes
CPS-work
No results found.
Labels
Clear labels
  
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

No labels
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: cacert/cacert-policies#2
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?