Some of this is what I hear from users, customers and the industry. Also
On 12/20/2013 02:23 PM, Anil Saldhana wrote:
Bill brought out some thoughts in my mind which I want to capture
to see what your thoughts are:
* Certificate Management
- We need a good system to CRUD certificates. The only good Java based
oss I have seen is EJBCA.
* Directory Server/Services
- We have ApacheDS and OpenDS (or the ForgeRock version) as two
possibilities in Java based directory servers. I am unsure if we have
really explored building a solution for directory services.
* Another important
consideration is Active Directory. It is an
ecosystem - has LDAP, Kerberos/SPNego, SAML, WSTrust etc. I think we
really need some type of Open Source solution to this ecosystem. The
core starts with directory services or a facade.
* Device Registration
- BaaS may be at play here.
- Apache UserGrid is incubating.
- FreeOTP is a new project at fedora for iOS/Android apps based on
- both KeyCloak and Aerogear have a solution for integrating OTP based
On 12/20/2013 02:13 PM, Anil Saldhana wrote:
> Hi Bill/Bruno,
> I think this is a great idea. Managing keys/certificates is going
> to be very critical.
> EJBCA may be good to CRUD x509 certificates.
> On 12/20/2013 08:18 AM, Bill Burke wrote:
>> Bruno, I'm also interested in your key management work. Client-cert
>> support is also something on the TODO list. We also need to have a talk
>> with Aerogear to brainstorm on how to secure/manage devices. I have
>> some ideas around both the UI and the protocol. Nothing concrete yet.
>> On 12/20/2013 7:17 AM, Bruno Oliveira wrote:
>>> Good morning guys, FYI I’ve started to migrate everything related with
ag-security to Keycloak
I hope to upstream/contribute with our needs during our development.
>>> Congratulations about the project.