From d9984ccf8dde873f7b2632979989675eb900871a Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Sun, 16 Jun 2019 14:08:54 +0200 Subject: doc: updated p11-kit links [ci skip] Signed-off-by: Nikos Mavrogiannopoulos --- doc/cha-cert-auth.texi | 2 +- doc/cha-library.texi | 2 +- doc/cha-tokens.texi | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi index f26f90e57e..cea30cf465 100644 --- a/doc/cha-cert-auth.texi +++ b/doc/cha-cert-auth.texi @@ -409,7 +409,7 @@ flags are part of the enumeration Some systems provide a system wide trusted certificate storage accessible using the PKCS #11 API. That is, the trusted certificates are queried and accessed using the PKCS #11 API, and trusted certificate properties, such as purpose, are marked using -attached extensions. One example is the p11-kit trust module@footnote{see @url{https://p11-glue.freedesktop.org/trust-module.html}.}. +attached extensions. One example is the p11-kit trust module@footnote{see @url{https://p11-glue.github.io/p11-glue/trust-module.html}.}. These special PKCS #11 modules can be used for GnuTLS certificate verification if marked as trust policy modules, i.e., with @code{trust-policy: yes} in the p11-kit module file. diff --git a/doc/cha-library.texi b/doc/cha-library.texi index ff21ba6d83..6e5df6eaaa 100644 --- a/doc/cha-library.texi +++ b/doc/cha-library.texi @@ -142,7 +142,7 @@ the last, which allows to use a PKCS #11 trust policy module. That module not on provides the trusted certificates, but allows the categorization of them using purpose, e.g., CAs can be restricted for e-mail usage only, or administrative restrictions of CAs, for examples by restricting a CA to only issue certificates for a given DNS domain using NameConstraints. -A publicly available PKCS #11 trust module is p11-kit's trust module@footnote{@url{https://p11-glue.freedesktop.org/doc/p11-kit/trust-module.html}}. +A publicly available PKCS #11 trust module is p11-kit's trust module@footnote{@url{https://p11-glue.github.io/p11-glue/trust-module.html}}. @node Document overview @section Overview diff --git a/doc/cha-tokens.texi b/doc/cha-tokens.texi index 6057feda2f..ab7a5fbf32 100644 --- a/doc/cha-tokens.texi +++ b/doc/cha-tokens.texi @@ -302,7 +302,7 @@ and tokens, @acronym{PKCS} #11 is automatically initialized during the first call of a @acronym{PKCS} #11 related function, in a thread safe way. The default initialization process, utilizes p11-kit configuration, and loads any appropriate @acronym{PKCS} #11 modules. The p11-kit configuration -files@footnote{@url{https://p11-glue.freedesktop.org/}} are typically stored in @code{/etc/pkcs11/modules/}. +files@footnote{@url{https://p11-glue.github.io/p11-glue/p11-kit.html}} are typically stored in @code{/etc/pkcs11/modules/}. For example a file that will instruct GnuTLS to load the @acronym{OpenSC} module, could be named @code{/etc/pkcs11/modules/opensc.module} and contain the following: @@ -506,7 +506,7 @@ The @acronym{PKCS} #11 API can be used to allow all applications in the same operating system to access shared cryptographic keys and certificates in a uniform way, as in @ref{fig-pkcs11-vision}. That way applications could load their trusted certificate list, as well as user certificates from a common PKCS #11 module. -Such a provider is the p11-kit trust storage module@footnote{@url{https://p11-glue.freedesktop.org/trust-module.html}} +Such a provider is the p11-kit trust storage module@footnote{@url{https://p11-glue.github.io/p11-glue/trust-module.html}} and it provides access to the trusted Root CA certificates in a system. That provides a more dynamic list of Root CA certificates, as opposed to a static list in a file or directory. -- cgit v1.2.1