Red Hat releases security code

By Dave Nixon

Red Hat has issued the source code for its identity-management and security system to maintain its assertion that open-source software provides the most secure infrastructure.

The Linux vendor said it had released the complete source code for the Red Hat Certificate System, its security framework for running user identities that it had acquired the system from AOL three years ago. Beforehand, only items of the system, which uses the Apache web server and the Red Hat Directory Server, were open source.

In accordance with a blog post by Red Hat’s security team, the move “further demonstrates Red Hat’s conviction that the open source development model creates extra secure software.” In addition to offering the Red Hat Certificate System to users of its Red Hat Enterprise Linux product, the company also uses it internally.

The team stated now that the system is open source, it will be simpler for developers to incorporate the technology with other security- and network management-related projects from Red Hat.

One of those is the freeIPA project, which offers central management of identity, policy and auditing for Unix and Linux using open-source and open-standards technologies. According to Red Hat, by integrating technology from the certificate system, the freeIPA project ultimately will provide central management and provisioning for machine and service digital certificates.