Talk:EJBCA

Untitled
Just announced to the community that it exists.. it would be nice to have a day or two to provide some more info.. —Preceding unsigned comment added by ZeiZai6Y (talk • contribs) 09:44, 29 April 2008 (UTC)


 * Do you have any sources other than the project's website? Any articles, news releases, etc? UltraExactZZ Claims~ Evidence 12:45, 29 April 2008 (UTC)

A good start but this article needs improvement
I like the fact that you put EJBCA in. But it currently rather reads like a catalog sheet than like a Wikipedia article.


 * You should make sure that every information has a notable source. Currently your article looks like original research
 * The whole overall context is missing: the history of EJBCA, the context where it is relevant.
 * Also critical reflections are needed. What are the weak points? Why are commercial systems still relevant? And sources, discussing it would make sense.
 * Are there notable examples, perhaps open source portals or big Cloud applications which use EJBCA

Thx for making it better

ScienceGuard (talk) 18:32, 16 October 2016 (UTC)

Remove dead or redundant links
1. The link to: A workflow based architecture for Public Key Infrastructure; Johan Eklund; TRITA-CSC-E 2010:047 Is dead, and KTH does not seem to keep an archive of these anymore. I suggest removing it. 2. In External links, only the first one should be kept imo (reverting my edit that added them). The others are linked from there, or already present in the article (github). I suggest removing the three links below the "official site".

COI: I am the founder of this opensource project Primetomas (talk) 05:51, 18 April 2021 (UTC)

See also link to similar software?
Would it be good for the reader if See also linked to similar software such as let's encrypt (already present), OpenCA,DogTag,OpenXPKI, OpenSSL?

COI: founder of this open source project Primetomas (talk) 06:06, 18 April 2021 (UTC)

Also, most links in See also are already in the text and could be removed right? Primetomas (talk) 06:09, 18 April 2021 (UTC)

The links to similar software is already listed, with the exception of OpenXPKI, as "open source implementations" on the page Public_key_infrastructure, that have a more complete listing. Does that make it irrelevant here? Primetomas (talk) 06:22, 18 April 2021 (UTC)
 * thanks for suggesting these edits. I will try to put in your edits later today under the process listed at WP:ER. In the future, please place a COI edit request here instead of a plain text talk page message to make it easier for other editors to incorporate your edits. Thanks, EpicPupper 20:41, 18 April 2021 (UTC)

Thanks, Edit request added as a new section. I added the plain text talk to get consensus/input before suggesting the edit. Primetomas (talk) 08:47, 19 April 2021 (UTC)

Edit request - See also
Please replace the contents of "See also" with:

Primetomas (talk) 08:45, 19 April 2021 (UTC)
 * Public Key Infrastructure Open Source Implementations
 * Pictogram voting keep.svg Go ahead: I have reviewed these proposed changes and suggest that you go ahead and make the proposed changes to the page.  EpicPupper 18:38, 19 April 2021 (UTC)

Implemented. Primetomas (talk) 06:16, 20 April 2021 (UTC)

Edit request - External links
Remove redundant links from the External links section, leaving it with only one link:

Replace:
 * EJBCA at SourceForge
 * EJBCA at Docker Hub
 * EJBCA source at GitHub
 * EJBCA source at GitHub

with: Primetomas (talk) 08:52, 19 April 2021 (UTC)


 * Done Anton.bersh (talk) 06:29, 20 April 2021 (UTC)

Edit request - remove dead links and documentation references
In "Further reading" remove the list item that is not available on-line anymore, "A workflow based architecture for Public Key Infrastructure"

In "Design", completely remove the documentation reference that moved and is incorrect: Automated and large scale operations

In Design completely remove the documentation reference that is just a link to product documentation: PKI Architectures

Primetomas (talk) 08:58, 19 April 2021 (UTC)


 * I carried out these edits. Anton.bersh (talk) 09:47, 19 April 2021 (UTC)
 * Yes check.svg Done  EpicPupper 18:36, 19 April 2021 (UTC)

Edit request - Notable features edit #1
Please change: to
 * Online Certificate Status Protocol: For certificate validation you have the choice of using X.509 CRLs and OCSP (RFC6960).
 * Online Certificate Status Protocol: certificate validation options include X.509 CRLs and OCSP (RFC6960).

Please change: to
 * Multiple algorithms: You can use all common, and some uncommon algorithms in your PKI. RSA, ECDSA, EdDSA, and DSA, SHA-1, SHA-2, and SHA-3. Compliant with NSA Suite B Cryptography.
 * Multiple algorithms: Common algorithms for usage in PKI includes: RSA, ECDSA, EdDSA, and DSA, SHA-1, SHA-2, and SHA-3. Compliant with NSA Suite B Cryptography.

Please change: to
 * PKCS#11 HSMs: Using the standard PKCS 11 API you can use most PKCS#11 compliant HSMs to protect the CAs’ and OCSP responders’ private keys.
 * PKCS#11 HSMs: Standard PKCS 11 compliant hardware security modules are used to protect the CAs’ and OCSP responders’ private keys.

Please change: to
 * High performance and capacity: You can build a PKI with capacity of issuing billions of certificates at a rate of several hundreds per second.
 * High capacity: Using a standard RDBMS the system have a capacity to store large amounts of issued certificates.

Primetomas (talk) 09:30, 19 April 2021 (UTC)
 * Pictogram voting keep.svg Go ahead: I have reviewed these proposed changes and suggest that you go ahead and make the proposed changes to the page.  EpicPupper 18:37, 19 April 2021 (UTC)

Implemented. Do you think this resolves the Grammatical person issue? Primetomas (talk) 06:21, 20 April 2021 (UTC)


 * I will take a look at the article today and see if the issue is resolved. EpicPupper 16:14, 22 April 2021 (UTC)

History section discussion
For discussion:

ScienceGuard suggests above to provide some history "The whole overall context is missing: the history of EJBCA, the context where it is relevant".

Would a section similar to the History section in Let's_Encrypt be good and appropriate? Something like (meta code):

---

History and Usage

The EJBCA project was started in 2001 (ref to v1.0 release post) by Tomas Gustavsson. PrimeKey, the company maintaining the project today, was incorporated in May 2002.

It has since been used to issue digital certificates for different use cases including Academia (citation), Grid Computing (citation), Energy (citation) and (other use cases with citation).

Subsection: Notable Issues

The EJBCA software has been used during some publicly noted certificate related incidents (citation to Arstechnica and The register articles)

---

I think this will answer some questions about usage and history, as well giving some critical reflection. What do people think?

Primetomas (talk) 16:37, 22 April 2021 (UTC) (note COI)
 * I like the ideaScienceGuard (talk) 14:52, 17 May 2021 (UTC)

Multiple issues
There are multiple issues identified with the article:


 * This article may be too technical for most readers to understand. (April 2021)


 * This article contains content that is written like an advertisement. (January 2021)


 * A major contributor to this article appears to have a close connection with its subject. (April 2021)


 * This article uses abbreviations that may be confusing or ambiguous. (April 2021)


 * This article uses first-person ("I"; "we") or second-person ("you") inappropriately. (April 2021)


 * This article reads like a review rather than an encyclopedic description of the subject. (April 2021)


 * This article contains a list of miscellaneous information. (April 2021)


 * This "see also" section may contain an excessive number of suggestions. Please ensure that only the most relevant links are given, that they are not red links, and that any links are not already in this article. (April 2021)


 * This article needs additional citations for verification. (April 2021)


 * This further reading section may contain inappropriate or excessive suggestions that may not follow Wikipedia's guidelines. Please ensure that only a reasonable number of balanced, topical, reliable, and notable further reading suggestions are given; removing less relevant or redundant publications with the same point of view where appropriate. Consider utilising appropriate texts as inline sources or creating a separate bibliography article. (April 2021)

I've moved them here from the "Multiple Issues" template on the main page. EpicPupper (talk) 18:21, 2 May 2021 (UTC)

Edit request - History, usage and issues

 * Reason for the change: Addressing "A good start but this article needs improvement" on the Talk page
 * Change: Add sections for Usage and History and issues. This will create citations, and move some of the links from Further reading to citations.

Suggested edit:
 * Yellow check.svg Partly done: Incorporated into lead. 🐶 EpicPupper (he/him | talk, FAQ, contribs) 18:32, 22 June 2021 (UTC)

Usage
The EJBCA software package is used to install a privately operated certificate authority. This is in contrast to commercial certificate authorities that are operated by a trusted third party. Since it's inception EJBCA has been suggested for use as CA software for different use cases, including eGovernment, endpoint management , research  , energy , eIDAS , telecom , networking and for usage in SMEs.

History and issues
The EJBCA project was started in 2001 by Tomas Gustavsson, the company now maintaining the project, PrimeKey, was incorporated in May 2002.

Issues
Certificates used as part of a IT security solution comes with risks, related to issuance and usage of certificates. Notable incidents where EJBCA was involved includes certificate expiration and compliance issues. Primetomas (talk) 09:03, 6 May 2021 (UTC)