-
Notifications
You must be signed in to change notification settings - Fork 40
Trust Store Management Guide #9
Comments
The Trust Store Management Guide can be found here. |
Hi Participants, I have been assigned this issue. Please let me know the status, open, closed etc? Thanks |
I do not think it has been totally converted. Trust store management part hasn't been added (e.g. How to trim/modify Microsoft, apple, Mozilla trust stores) |
Thanks Ken. |
Please see a portion of the outline here: From the document directly:
|
Thanks Lachellel. |
Near term To do list for Trust Store Management Guide #9
|
@godadada wrt
Most has been completed for minimum viable |
"Trust Store" and "Trust Anchor Store" seem to be same concept; but the later is used by IETF RFC 6024, 5914, and 5934. Also it highlights the entry point of trust by using "Anchor". I would suggest we use "Trust Anchor Store" in place of "Trust Store". Thanks |
What do normal engineers understand best? [RFC is not a plain language model. sorry IETF colleagues!] I used Trust Store because I found it to appeal to a broader audience: https://piv.idmanagement.gov/piv-guides/networkconfig/trustedroots/ And searches online. 👍 truststore is also java language (keystore vs truststore) https doesn't use either and explained the requirements in even broader terms, plain language, focused on an audience: https://https.cio.gov/certificates/ Don't have a strong opinion except that we have 1) consistency and 2) it works for the intended audience |
Agree that we should use “Trust Store,” since it is accepted by a broader audience. Recommend that because the IETF RFCs use the term, “Trust Anchor Store,” we include a footnote (at first mention of “Trust Store” in the text) that explains: “‘Trust Anchor Store’ is also an industry-accepted term. See RFCs 5914, 5934, and 6024.” If a bibliography will be included in the FPKI Guides, then we should add the full document references for the 3 RFCs. |
Hey Lachellel, Thanks |
@lachellel @djpackham In "The most common Trust Stores belong to what vendors?" section table, under the Adobe entry, the link given was for www.apple.com (a mistake, I'm pretty sure). @godadada is searching for a correct link. In the meantime, for the Pull Request, I put in this link that I found: https://helpx.adobe.com/acrobat/kb/approved-trust-list2.html. |
closed via #101 and previous prs |
@dasgituser (Dave Silver) and @tkpk (Giuseppe Cimmino) are converting the FPKI Management Authority''s Trust Store Management Guide to a playbook. The Federal Public Key Infrastructure Management Authority designed and created the Trust Store Management Guide as an education resource for Department, Agency, corporate, and other organizational system level administrators and managers who use the Federal Public Key Infrastructure (FPKI) as part of regular business practices.
The text was updated successfully, but these errors were encountered: