Re: [Pki-devel] The Why's of PKI
On 09/13/2011 05:48 PM, Andrew Wnuk wrote:
On 09/13/2011 06:41 AM, Adam Young wrote:
> The Layout of the PKI project is very unusual for a Java Server
> application.
> I'm trying to understand the rationale for some of the things that
> were done.
>
> Why do we create a separate server instance for each subsystem?
Because each subsystem is a standalone server.
I'm not sure if it needs to be a stand alone server. It was designed and
implemented as such
starting 10 years ago. It might be very well be a separated name space
uri inside the same tomcat instance.
> Is a reason to continue doing so?
It provides great flexibility in deploying Certificate Server
The same level of flexibility can be achieved even with a single tomcat
instance provided that instance configuration at install time takes care
of tweaking stuff.
>
> Is using different ports for CA and DRM (an so forth) merely an
> artifact of using multiple servers, or is there an additional reason
> to do so?
Pkicreate tool allows selecting any ports. Pkicreate also suggests
ports for out of the box ease of use.
>
> Do we expect the same user to have and user different certificates
> for different servers,
This is a matter of deployment strategy.
> such that the certificate then becomes a union of authentication and
> authorization?
Certificates are the source of identity. Authorization is a separate
process based on verified identity.
>
> Is there a reason to separate the CA and DRM Directory servers?
Protection of archived keys.
They could even stay protected - if there's a plan to consolidate.
In my mind Separation != protection.
> Is it a "best practice" to do so? What would be the implications
> of using a single instance for both?
>
> Is there any reason why the CA uses an LDAP server instead of a
> Relational Database?
X509 certificates are using the same distinguished names as LDAP.
Many identity products are based on directories.
Provides very secure access options.
Provides robust replication over secure channel.
> Do we expect people to make queries dircetyl against the CA DirSrv,
No
> or is the Database best hidden from public view?
>
> Why do we split the build process up into multiple Source RPMS?
> Is there a reason to maintain this split?
>
> Are there design documents or discussions for these decisions?
Yes, please look for "Legacy Certificate Management System Website" on
the internal CS wiki.
Sorry I dug through that pile. None answered the first question still so
far for me. Why are these separate instances to begin with ?.
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel(a)redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel
_______________________________________________
Pki-devel mailing list
Pki-devel(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel