Update on KIO & KSSL

Thiago Macieira thiago at kde.org
Thu Sep 20 23:31:52 BST 2007


Brad Hards wrote:
>On Wednesday 05 September 2007 07:50, Thiago Macieira wrote:
>> Brad Hards wrote:
>> >On Wednesday 05 September 2007 01:57, Eike Hein wrote:
>> >> Allen Winter wrote:
>> >> > This is becoming a major impediment to further progress on KMail.
>> >>
>> >> Konversation porting is eventually going to run into
>> >> this as well, FWIW.
>> >
>> >Do you need something that QCA::TLS doesn't provide? If you can tell
>> > me what it is, we can look at it for you.
>>
>> Yes: we need integration with KDE's policies and certificate
>> management.
>
>Do you mean (at least) that QCA should provide certs to the application
> from the KDE cert store (according to the KDE rules for which certs are
> trusted / untrusted) when that QCA app is running on the KDE desktop?

Yes. It also should do the same checks for verification and the same 
cipher settings. This includes accepting certificates that the user has 
already approved in KDE, even if they fail normal verification.

It seems no one is using client certificates, so we needn't bother with 
that at the moment. But, in the future, it must be part of the same 
configuration.

-- 
  Thiago Macieira  -  thiago (AT) macieira.info - thiago (AT) kde.org
    PGP/GPG: 0x6EF45358; fingerprint:
    E067 918B B660 DBD1 105C  966C 33F5 F005 6EF4 5358
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20070921/f60a0786/attachment.sig>


More information about the kde-core-devel mailing list