You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The way PKINIT plugins currently work (see ticket #546, which asks that that be supported), the plugin will attempt to use the prompter callback, which the calling application will have supplied, to ask for information such as smart card PINs and the passphrase for encrypted key storage. Right now the krb5 provider doesn't appear to supply a callback, and it will need to in order to support this case. I'm adding this here to allow it to be tracked as a separable item.
This has a tight relation to the work Nathaniel is doing for client side of the AuthHub project. Once the AuthHub client code merged to MIT tree and the new responder interface is implemented we would need utilize this interface in SSSD for OTP and CS authentication.
Cloned from Pagure issue: https://pagure.io/SSSD/sssd/issue/1190
The way PKINIT plugins currently work (see ticket #546, which asks that that be supported), the plugin will attempt to use the prompter callback, which the calling application will have supplied, to ask for information such as smart card PINs and the passphrase for encrypted key storage. Right now the krb5 provider doesn't appear to supply a callback, and it will need to in order to support this case. I'm adding this here to allow it to be tracked as a separable item.
Comments
Comment from dpal at 2012-02-15 15:36:55
Fields changed
milestone: NEEDS_TRIAGE => SSSD Kerberos Improvements Feature
Comment from dpal at 2012-02-15 15:37:24
Fields changed
rhbz: => 0
Comment from dpal at 2012-08-16 23:34:42
This has a tight relation to the work Nathaniel is doing for client side of the AuthHub project. Once the AuthHub client code merged to MIT tree and the new responder interface is implemented we would need utilize this interface in SSSD for OTP and CS authentication.
proposed_priority: => Core
type: enhancement => task
Comment from dpal at 2012-09-04 23:20:16
Moving all the features planned for 1.10 release into 1.10 beta.
milestone: SSSD Kerberos Improvements Feature => SSSD 1.10 beta
Comment from dpal at 2012-09-04 23:46:02
Fields changed
priority: major => critical
Comment from dpal at 2012-12-20 21:51:47
Fields changed
design: =>
design_review: => 0
fedora_test_page: =>
selected: => Not need
Comment from dpal at 2013-01-02 15:32:08
Moving tickets that are not a priority for SSSD 1.10 into the next release.
milestone: SSSD 1.10 beta => SSSD 1.11 beta
Comment from dpal at 2013-07-30 10:18:03
Related to SC and OTP work.
changelog: =>
milestone: SSSD 1.12 beta => Interim Bucket
priority: critical => major
review: => 0
Comment from dpal at 2013-07-30 12:54:43
Fields changed
milestone: Interim Bucket => SSSD 1.12 beta
Comment from jhrozek at 2014-05-28 15:29:13
Should be solved together with ticket #2335 which is in 1.12 in at the moment.
Comment from jhrozek at 2014-05-30 15:54:20
Fields changed
milestone: SSSD 1.12 beta => SSSD 1.12.1
Comment from jhrozek at 2014-09-08 20:08:48
Mass-moving all tickets that didn't make 1.12.1 into 1.12.2
milestone: SSSD 1.12.1 => SSSD 1.12.2
Comment from jhrozek at 2014-09-30 19:06:16
We need to do a release as requested by downstream. Moving tickets that are not fixed already or very close to acking to 1.12.3
milestone: SSSD 1.12.2 => SSSD 1.12.3
Comment from jhrozek at 2014-11-19 18:07:02
We discussed some time ago that in 1.12 we only remove the OTP password from the PAM stack. This ticket belongs to 1.13.
mark: => 0
milestone: SSSD 1.12.3 => SSSD 1.13 beta
Comment from jhrozek at 2015-02-10 16:20:48
Let's evaluate whether we need this during Sumit's smart card work.
owner: somebody => sbose
Comment from jhrozek at 2015-06-25 15:33:15
Sumit will work on pkinit after smartcards are done.
milestone: SSSD 1.13 beta => SSSD 1.13 backlog
sensitive: => 0
Comment from jhrozek at 2016-02-18 16:55:29
OTP was implemented already including prompting, this ticket can be closed.
resolution: => invalid
status: new => closed
Comment from nalin at 2017-02-24 14:49:07
Metadata Update from @nalin:
The text was updated successfully, but these errors were encountered: