On Sat, Apr 17, 2004 at 10:01:55PM +0200, Thomas Dupouy wrote: >Hi debian mentors. >I am looking for a sponsor for two packages : > newpki-server : PKI based on the OpenSSL low-level API (server package) > newpki-client : PKI based on the OpenSSL low-level API (client package) >Here is the story : as a journalist for a french magazine, I was asked >to write an article about PKI's. PKI's are systems designed to manage >cetificates on a long term (creation, revocation, etc). The first think >I did was an "apt-cache search pki" and... surprisingly found (almost) >nothing ! >After some investigations on Google, it appeared that, except openCA et >idx-pki, a promising software exists : NewPKI. >Produced by Frederic Giudicelli (french person too), NewPKI is a C++ >client-server software. The server part uses a MySQL database to keep >all certificates, and the client part is a WxWindows GUI used to manage >the server. >As there are my first packages, I've tried my best to make them well. >Instead of running as root, the server part runs as unauthorised user >"newpki", and manual changes to configuration files are kept on >upgrade. >It will need some work to validate and maybe correct the scripts and >comments, but not so much. Frederic Giudicelli is motivated, as I am, >to see his software entering the Debian pools. >This software is GPL v2 licensed. I've supposed it should take place >in section "utils" as OpenSSL is. >Packages are available at > http://moz.free.fr/newpki/ >and the author page is at > http://www.newpki.org > >Description: PKI based on the OpenSSL low-level API (client package) > All the datas are handled through a database, which provides > a much more flexible PKI than with OpenSSL, such as seeking > a certificate with a search engine. > . > There is an SQL abstraction layer, the one provided is for a MySQL database. > . > NewPKI is developed in c++, there are only a few public classes, > which allows to handle any kind of application, a standalone, a PHP module, > or to easily integrate NewPKI in an existing project. > . > Here are the key features of the actual version of NewPKI: > - Handling of multiple CAs in one server. > - Publish a certificate request from CSR. > - Publish a certificate request, by specifying the DN fields. > - Certify a request, specifying the DN Policy and the certificate extension. > - Revoke a certificate. > - Generate the CRL. > - Search for the waiting requests, or the certificates. > - OCSP responder. > - LDAP seek and publication. > >The newpki-client package is lintian clean. The newpki-server report a >warning due to the option "start at boot" which optionnaly update-rc.d >depending on the customer answer. >So I'm looking for a sponsor, please have a look
The packages look as if they are Debian native packages. Obviously, there are not. I suggest you to read the policy [0] and developer's reference [1] documents carefully. I couldn't find the corresponding ITP reports for both newpki-server and newpki-client at [2]. See [3] and [4]. Don't forget to include a 'CLoses: #nnnnnn' in the corresponding debian/changelog files to close the ITP reports. Please read [5] if you haven't done so. Why are not the versions 2.0.0-beta3.1 and 2.0.0-beta3 for the client and the server packages, respectively? See [4]. Before you build the packages, the name of the original tarball newpki-client-2.0.0-beta3.1.tar.gz should be changed to newpki-client_2.0.0-beta3.1.orig.tar.gz (note the '_' and the '.orig'). Similarly, the name of the original tarball newpki-server-2.0.0-beta3.tar.gz should be changed to newpki-server_2.0.0-beta3.orig.tar.gz. Renaming the original tarballs, will indicate to dpkg-buildpackage that the packages are not native packages, see [7]. Please read [8] and change your debian/copyright files accordingly. Please read [9] and change the package descriptions accordingly. [0] http://www.debian.org/doc/debian-policy/ [1] http://www.debian.org/doc/developers-reference/ [2] http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=wnpp [3] http://www.debian.org/devel/wnpp/ [4] http://www.debian.org/Bugs/server-control [5] http://people.debian.org/~mpalmer/debian-mentors_FAQ.html [6] http://www.debian.org/doc/debian-policy/ch-binary.html#s3.2.1 [7] http://www.debian.org/doc/developers-reference/ch-pkgs.en.html#s-sourcelayout [8] http://lists.debian.org/debian-devel-announce/2003/debian-devel-announce-200312/msg00007.html [9] http://people.debian.org/~walters/descriptions.html >Best regards, > >-- >Thomas Dupouy >[EMAIL PROTECTED] > >---------------------------------------------------------------------- >GnuPG public key ID : 35293BA8ECA61F4E >GnuPG fingerprint : E71F DAB5 987B CCC9 FF56 38FE 3529 3BA8 ECA6 1F4E >---------------------------------------------------------------------- Anibal Monsalve Salazar -- .''`. Debian GNU/Linux | Building 28C : :' : Free Operating System | Monash University VIC 3800, Australia `. `' http://debian.org/ | http://www-personal.monash.edu/~anibal/ `- |
pgpExYqkNYvJQ.pgp
Description: PGP signature
