Pathfinder - Central PKI trust management on Unix

Author: Patrick Patterson Date: 2007-12-17 15:28:29

Carillon's main focus these days is on helping others do PKI right.

As Chief Architect, this means I get to spend some time in the labs testing a variety of certificate-based software authentication and signing systems. One of the things I do like about the Microsoft world, and which most annoys me about Linux, is a centralized certificate, trust anchor and configuration store: Microsoft has one, and Linux completely lacks one.

If I want to test KDE applications, I've got to wade through either Kleopatra's interface (which is fairly complete in what it will actually do) or Konqueror's (which is not). More mind-boggling, since they both should use the same settings, is that if I want to use certificates in Firefox and Thunderbird, I've got to add and manage my certificates in each of them separately. And don't even get me started on Apache and Postfix, which support certificates but not any of the functions, such as revocation checking and proper path validation, that make certificates a useful way to authenticate users and servers.

What I have wanted for a long time is a central repository of trust anchors, a per-application set of policy and configuration settings, and a per-user personal certificate store that is shared amongst all of the various PKI-enabled applications. Oh, and to have all of it work "correctly", validate incoming certificates against CRLs and OCSP, and follow the policy and trust chain back correctly.

I don't quite have that, but Pathfinder is a good start. We wrote it because we needed something that would automatically and properly validate incoming certificates on our Apache server. The only real alternative was difficult to justify in a production setting: manually grabbing CRLs and restarting the Apache server, and trying to guess all of the various ways our customers were going to access our server, and thus guess all of their issuing CA certificates.

The architecture behind Pathfinder is important: through a D-Bus interface it provides a central configuration point for trust anchors, and a central query point for validity information (although we only support CRL checking at the moment). Since it also uses UniConf to manage its own configuration, it's simple to keep a large number of machines using Pathfinder in sync as well. Once we get the initial set of patches out, we'll also be working on adding per-application policy settings, and OCSP validity checking.
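What Pathfinder centralises is easiest to see by doing the same job by hand. The following is an added example, not Pathfinder's own code or its D-Bus API: a throwaway CA built with the openssl command-line tool, one end-entity certificate, and the `openssl verify -crl_check` call that each application would otherwise have to make for itself against its own copy of the trust anchor and CRL. It also reproduces the stale-CRL problem of the manual process described above: once the CA revokes the certificate, a verifier still holding the previously fetched CRL keeps accepting it until the CRL is refreshed. The CA name, file names and scratch directory are all constructed for the example; it assumes only a POSIX shell and the openssl CLI (1.1 or later).

```shell
#!/bin/sh
# Added example (not Pathfinder's code): the trust-anchor + CRL validation
# that Pathfinder centralises, done by hand with the openssl CLI.
# All names, paths and the scratch directory below are constructed here.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Regenerate the CRL from the CA database (the "fetch a fresh CRL" step).
publish_crl() {
    openssl ca -config "$WORK/ca.cnf" -gencrl -out "$WORK/crl.pem" >/dev/null 2>&1
}

# Mark the end-entity cert revoked in the CA database. Note that this alone
# does not change the CRL anyone already holds.
revoke_leaf() {
    openssl ca -config "$WORK/ca.cnf" -revoke "$WORK/leaf.pem" >/dev/null 2>&1
}

# Build a throwaway CA, issue one end-entity cert and publish an empty CRL.
pki_setup() {
    rm -rf "$WORK" && mkdir -p "$WORK/newcerts"
    : > "$WORK/index.txt"
    echo 01 > "$WORK/serial"
    echo 01 > "$WORK/crlnumber"
    cat > "$WORK/ca.cnf" <<EOF
[ ca ]
default_ca         = demo_ca
[ demo_ca ]
database           = $WORK/index.txt
serial             = $WORK/serial
crlnumber          = $WORK/crlnumber
new_certs_dir      = $WORK/newcerts
certificate        = $WORK/ca.pem
private_key        = $WORK/ca.key
default_md         = sha256
default_days       = 365
default_crl_days   = 30
policy             = policy_any
x509_extensions    = v3_leaf
[ policy_any ]
commonName         = supplied
[ req ]
distinguished_name = req_dn
default_md         = sha256
x509_extensions    = v3_ca
[ req_dn ]
[ v3_ca ]
basicConstraints   = critical,CA:TRUE
keyUsage           = critical,keyCertSign,cRLSign
[ v3_leaf ]
basicConstraints   = CA:FALSE
keyUsage           = digitalSignature,keyEncipherment
EOF
    # Trust anchor: a self-signed CA cert (what Pathfinder would hold centrally).
    openssl req -x509 -config "$WORK/ca.cnf" -newkey rsa:2048 -nodes \
        -keyout "$WORK/ca.key" -out "$WORK/ca.pem" -days 365 \
        -subj "/CN=Demo Root CA" >/dev/null 2>&1
    # End-entity cert, issued through `openssl ca` so it lands in the CA database.
    openssl req -new -config "$WORK/ca.cnf" -newkey rsa:2048 -nodes \
        -keyout "$WORK/leaf.key" -out "$WORK/leaf.csr" \
        -subj "/CN=client.example.test" >/dev/null 2>&1
    openssl ca -config "$WORK/ca.cnf" -batch -notext \
        -in "$WORK/leaf.csr" -out "$WORK/leaf.pem" >/dev/null 2>&1
    publish_crl
}

# Validate the end-entity cert against the trust anchor AND the CRL we
# currently hold. This is the question an application asks Pathfinder.
# Prints "valid" (exit 0) or "rejected: <openssl reason>" (exit 1).
verify_leaf() {
    if out=$(openssl verify -crl_check -CAfile "$WORK/ca.pem" \
                 -CRLfile "$WORK/crl.pem" "$WORK/leaf.pem" 2>&1); then
        echo "valid"
    else
        echo "rejected: $(printf '%s' "$out" | tr '\n' ' ')"
        return 1
    fi
}

pki_setup
echo "1. fresh cert, current CRL:  $(verify_leaf)"
revoke_leaf
# Revoked at the CA, but no one has fetched a new CRL yet.
echo "2. revoked, stale CRL:       $(verify_leaf || true)"
publish_crl
echo "3. revoked, refreshed CRL:   $(verify_leaf || true)"
```

Step 2 is the security-relevant one: the verifier's answer is only as good as the freshness of the CRL it holds, which is exactly why fetching CRLs (and later OCSP responses) belongs in one daemon that every application consults rather than in each application's restart routine.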

Now if only there were an easy way to have all applications support a single per-user key repository...