Differences between revisions 11 and 12
Revision 11 as of 2007-10-26 14:02:16
Size: 4124
Editor: jp
Comment:
Revision 12 as of 2008-01-03 13:48:00
Size: 4198
Editor: localhost
Comment: converted to 1.6 markup
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
plugins. Since ERP5 is based on [http://svn.zope.org/PluggableAuthService/ PAS], it plugins. Since ERP5 is based on [[http://svn.zope.org/PluggableAuthService/|PAS]], it
Line 13: Line 13:
- [http://glasnost.entrouvert.org/pki.html Concept de base des PKI] provides - [[http://glasnost.entrouvert.org/pki.html|Concept de base des PKI]] provides
Line 16: Line 16:
- [http://www.indexel.net/servlet/net.indexel.http.SvtRedirDocument?id=1365 Comment monter une PKI open source] provides a summary of existing projects - [[http://www.indexel.net/servlet/net.indexel.http.SvtRedirDocument?id=1365|Comment monter une PKI open source]] provides a summary of existing projects
Line 19: Line 19:
- [http://igc.services.cnrs.fr/Doc/ IGC CNRS] provides an exhaustive - [[http://igc.services.cnrs.fr/Doc/|IGC CNRS]] provides an exhaustive
Line 22: Line 22:
- [http://www.hsc.fr/ressources/presentations/net2002/mgp00002.html HSC] provides - [[http://www.hsc.fr/ressources/presentations/net2002/mgp00002.html|HSC]] provides
Line 25: Line 25:
- [http://ospkibook.sourceforge.net/ Open Source PKI Book] may be a good start point although it is old - [[http://ospkibook.sourceforge.net/|Open Source PKI Book]] may be a good start point although it is old
Line 27: Line 27:
- [http://openstuff.fr/Wikka/wikka.php?wakka=HowtoPKI Mise en place d'une PKI libre] (French) provides a step by step guide - [[http://openstuff.fr/Wikka/wikka.php?wakka=HowtoPKI|Mise en place d'une PKI libre]] (French) provides a step by step guide
Line 31: Line 31:
- [http://middleware.internet2.edu/hepki-tag/opensrc.html Open Source PKI] provides a quite exhaustive list of open source PKI solutions - [[http://middleware.internet2.edu/hepki-tag/opensrc.html|Open Source PKI]] provides a quite exhaustive list of open source PKI solutions
Line 35: Line 35:
- [https://www.openca.org/ OpenCA] is one the pioneers in open source PKI - [[https://www.openca.org/|OpenCA]] is one the pioneers in open source PKI
Line 37: Line 37:
- [http://www.primekey.se PrimeKey] provides a wide range of PKI related solutions in LGPL. Leading project is called EJBCA. - [[http://www.primekey.se|PrimeKey]] provides a wide range of PKI related solutions in LGPL. Leading project is called EJBCA.
Line 39: Line 39:
- [http://www.opentrust.com/content/view/119/111/lang,en/ OpenTrust PKI] is - [[http://www.opentrust.com/content/view/119/111/lang,en/|OpenTrust PKI]] is
Line 43: Line 43:
- [http://rooster.open-source.fr/ Rooster] is an open source
PKI made by [http://www.intrinsec.com/ Intrinsec]
- [[http://rooster.open-source.fr/|Rooster]] is an open source
PKI made by [[http://www.intrinsec.com/|Intrinsec]]
Line 46: Line 46:
- [http://lasso.entrouvert.org/ LASSO] provides a way to - [[http://lasso.entrouvert.org/|LASSO]] provides a way to
Line 50: Line 50:
- [http://www.bandit-project.org/ Bandit] is supported by Novell - [[http://www.bandit-project.org/|Bandit]] is supported by Novell
Line 52: Line 52:
- [http://federid.objectweb.org/ FederID] is based on LASSO and supported by ObjectWeb - [[http://federid.objectweb.org/|FederID]] is based on LASSO and supported by ObjectWeb
Line 54: Line 54:
- [https://opensso.dev.java.net/ OpenSSO] is a Java based SSO - [[https://opensso.dev.java.net/|OpenSSO]] is a Java based SSO
Line 58: Line 58:
- [http://www.opentsa.org/ OpenTSA] provides a time stamping solution built - [[http://www.opentsa.org/|OpenTSA]] provides a time stamping solution built
Line 63: Line 63:
- [http://vulture.open-source.fr/wiki/] is an open source
reverse proxy made by [http://www.intrinsec.com/ Intrinsec]. It now includes a PKI module.
- [[http://vulture.open-source.fr/wiki/]] is an open source
reverse proxy made by [[http://www.intrinsec.com/|Intrinsec]]. It now includes a PKI module.
Line 66: Line 66:
- [http://larpe.labs.libre-entreprise.org/ LARPE] is an SSO
reverse proxy based on [http://lasso.entrouvert.org/ LASSO]. It
- [[http://larpe.labs.libre-entreprise.org/|LARPE]] is an SSO
reverse proxy based on [[http://lasso.entrouvert.org/|LASSO]]. It
Line 72: Line 72:
- [http://www.openoces.org/ OpenOCES] includes a java applet to sign text - [[http://www.openoces.org/|OpenOCES]] includes a java applet to sign text
Line 74: Line 74:
- [https://www.openca.org/~madwolf/ch07.html OpenCA client support] provides minimal information on the built-in signature features of browsers - [[https://www.openca.org/~madwolf/ch07.html|OpenCA client support]] provides minimal information on the built-in signature features of browsers
Line 78: Line 78:
- [http://www.pyca.de/ PyCa] is a python implementation of - [[http://www.pyca.de/|PyCa]] is a python implementation of
Line 81: Line 81:
- [http://glasnost.entrouvert.org/rubrics/42.html PyKI] provides - [[http://glasnost.entrouvert.org/rubrics/42.html|PyKI]] provides
Line 84: Line 84:
- [http://plone.org/products/liberty-authentication-plugin-for-pas GEARS Plugin] was
made by the [http://gears.eife-l.org/ GEARS] project to integrate LASSO with Zope
- [[http://plone.org/products/liberty-authentication-plugin-for-pas|GEARS Plugin]] was
made by the [[http://gears.eife-l.org/|GEARS]] project to integrate LASSO with Zope
Line 89: Line 89:
- [http://www.opensc-project.org/ OpenSC] provides access to smart cards - [[http://www.opensc-project.org/|OpenSC]] provides access to smart cards
Line 93: Line 93:
 - [https://www.pki.dfn.de DFN]  - [[https://www.pki.dfn.de|DFN]]
Line 95: Line 95:
 - [http://www.pki-page.org/ PKI Page]  - [[http://www.pki-page.org/|PKI Page]]
Line 97: Line 97:
 - [https://addons.mozilla.org/en-US/firefox/addon/4522 XML Digital Signature Tool]  - [[https://addons.mozilla.org/en-US/firefox/addon/4522|XML Digital Signature Tool]]
Line 99: Line 99:
 - [https://addons.mozilla.org/en-US/firefox/addon/4471 Key Manager]  - [[https://addons.mozilla.org/en-US/firefox/addon/4471|Key Manager]]
Line 101: Line 101:
 - [http://www.openxpki.org/ OpenXPKI]  - [[http://www.openxpki.org/|OpenXPKI]]
Line 103: Line 103:
 - [http://chandlerproject.org/bin/view/Projects/MeTooCrypto M2Crypto]  - [[http://chandlerproject.org/bin/view/Projects/MeTooCrypto|M2Crypto]]
Line 105: Line 105:
 - [http://trevp.net/tlslite/ TLSLite]  - [[http://trevp.net/tlslite/|TLSLite]]
Line 107: Line 107:
 - [http://www.pyca.de/ PyCa]  - [[http://www.pyca.de/|PyCa]]

This page provides a collection of resources related to authentication in complex environments. This includes PKI, SSO reverse proxies, authentication plugins. Since ERP5 is based on PAS, it should be possible to extend the standard authentication setup with any of the more complex environments described.

Many sources are in French, probably because open source PKI market is quite developed in France with many large customers, large implementations and leading providers.

Starting Points

- Concept de base des PKI provides an easy introduction in French to PKI

- Comment monter une PKI open source provides a summary of existing projects and approaches (In French)

- IGC CNRS provides an exhaustive list of links and explanations (In French)

- HSC provides a short introduction to PKI (In French)

- Open Source PKI Book may be a good start point although it is old

- Mise en place d'une PKI libre (French) provides a step by step guide

Open Source PKI

- Open Source PKI provides a quite exhaustive list of open source PKI solutions

PKI

- OpenCA is one the pioneers in open source PKI

- PrimeKey provides a wide range of PKI related solutions in LGPL. Leading project is called EJBCA.

- OpenTrust PKI is the open source market leader. Source code is provided to customers under GPL. OpenTrust also provides an SSO reverse proxy. Latest versions are no longer open source.

- Rooster is an open source PKI made by Intrinsec

- LASSO provides a way to federate multiple PKIs. It is written in C and in python. It is supported in about any language.

- Bandit is supported by Novell

- FederID is based on LASSO and supported by ObjectWeb

- OpenSSO is a Java based SSO

Time Stamping

- OpenTSA provides a time stamping solution built into Apache.

Reverse Proxy

- http://vulture.open-source.fr/wiki/ is an open source reverse proxy made by Intrinsec. It now includes a PKI module.

- LARPE is an SSO reverse proxy based on LASSO. It is written in Python.

Signature

- OpenOCES includes a java applet to sign text

- OpenCA client support provides minimal information on the built-in signature features of browsers

Zope / Python Stuff

- PyCa is a python implementation of a certificate authority provider

- PyKI provides a couple a scripts to manage a minimal public key infrastructure

- GEARS Plugin was made by the GEARS project to integrate LASSO with Zope

Other

- OpenSC provides access to smart cards

Unsorted

ResourceLibrary/AuthenticationInfrastructure (last edited 2008-01-03 13:48:00 by localhost)