
Re: [Pki-devel] The Why's of PKI



These are all very excellent design/architectural level questions.
We may need to dig through the old archives and figure this out if need be.

On 09/13/2011 06:41 AM, Adam Young wrote:
The Layout of the PKI project is very unusual for a Java Server application. I'm trying to understand the rationale for some of the things that were done.

Looks like your discussion is centering mostly around the Java side, at least for now. We should ask the same questions for the non-Java side as well, I would think, like TPS and RA, which are currently apps on top of Apache/mod_nss and are using different instances and ports etc.


Why do we create a separate server instance for each subsystem?


You see it as a "separate instance" only if you deploy it on the same machine which is almost always not how a customer would do. If you are deploying it on a customer site, you would almost always deploy CA, DRM etc on separate physical hosts mainly due to performance and scalability and security considerations.

So even if we need to consolidate these instances onto the same "tomcat instance", or the same apache instance, we would still have the use cases where this application would need to behave as a CA or a DRM individually on different hosts. Guess that could still be achieved by tweaking configuration.


Is there a reason to continue doing so?

Nothing comes to mind at this time. At a future major release of the project/product, these things would be good candidates to consider revamping.


Is using different ports for CA and DRM (and so forth) merely an artifact of using multiple servers, or is there an additional reason to do so?

Same things as cited above for instances. Different ports is mainly an artifact due to creating separate instances.


Do we expect the same user to have and use different certificates for different servers, such that the certificate then becomes a union of authentication and authorization?

No.

Is there a reason to separate the CA and DRM Directory servers? Is it a "best practice" to do so? What would be the implications of using a single instance for both?

I don't think so. In fact we have long been critiqued that we have been mis-using LDAP this way and the way we use VLV/indexes. We had in our blue sky ideas page to convert this and use a relational db like MySQL but the usual suspects come into play - time/resources.


Is there any reason why the CA uses an LDAP server instead of a Relational Database? Do we expect people to make queries directly against the CA DirSrv, or is the Database best hidden from public view?

These databases are to be restricted from public access. There's a reason why it is called "Internal Database".


Why do we split the build process up into multiple Source RPMS? Is there a reason to maintain this split?

Not that I can see.


Are there design documents or discussions for these decisions?

I have been poring over these archives. Didn't find any that specifically answer these questions.


