[Freeipa-devel] [Design Review Request] V4/Automatic_Certificate_Request_Generation
Simo Sorce
simo at redhat.com
Mon Jul 25 09:07:50 UTC 2016
On Mon, 2016-07-25 at 10:50 +0200, Jan Cholasta wrote:
> Anyway, my main grudge is that the transformation rules shouldn't
> really
> be stored on and processed by the server. The server should know the
> *what* (mapping rules), but not the *how* (transformation rules). The
> *how* is an implementation detail and does not change in time, so
> there's no benefit in handling it on the server. It should be handled
> exclusively on the client, which I believe would also make the whole
> thing more robust (it would not be possible for a bug on the server
> to
> break all the clients).
W/o entering in specific +1 as a general comment on this.
If it can be done on the client, probably better be done there.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list