[Pki-devel] The Why's of PKI

Chandrasekar Kannan ckannan at redhat.com
Wed Sep 14 12:31:57 UTC 2011 

On 09/13/2011 05:48 PM, Andrew Wnuk wrote:
> On 09/13/2011 06:41 AM, Adam Young wrote:
>> The Layout of the PKI project is very unusual for a Java Server 
>> application.
>
>> I'm trying to understand the rationale for some of the things that 
>> were done.
>>
>> Why do we create a separate server instance for each subsystem?
>
> Because each subsystem is a standalone server.

I'm not sure if it needs to be a stand alone server. It was designed and 
implemented as such
starting 10 years ago. It might be very well be a separated name space 
uri inside the same tomcat instance.


>
>> Is a  reason to continue doing so?
>
> It provides great flexibility in deploying Certificate Server

The same level of  flexibility can be achieved even with a single tomcat 
instance provided that instance configuration at install time takes care 
of tweaking stuff.

>
>>
>> Is using different ports for CA and DRM (an so forth)  merely an 
>> artifact of using multiple servers, or is there an additional  reason 
>> to do so?
>
> Pkicreate tool allows selecting any ports.  Pkicreate also suggests 
> ports for out of the box ease of use.
>
>>
>> Do we expect the same user to have and user different certificates 
>> for different servers,
>
> This is a matter of deployment strategy.
>
>> such that the certificate then becomes a union of authentication and 
>> authorization?
>
> Certificates are the source of identity.  Authorization is a separate 
> process based on verified identity.
>
>>
>> Is there a  reason to separate the CA and DRM Directory servers?
>
> Protection of archived keys.

They could even stay protected - if there's a plan to consolidate.
In my mind Separation != protection.

>
>>   Is it a "best practice" to do so?  What would be the implications 
>> of using a single instance for both?
>>
>> Is there any reason why the CA uses an LDAP server instead of a 
>> Relational Database?
>
> X509 certificates are using the same distinguished names as LDAP.
> Many identity products are based on directories.
> Provides very secure access options.
> Provides robust replication over secure channel.
>
>>   Do we expect people to make queries dircetyl against the  CA  DirSrv,
>
> No
>
>> or is the Database best hidden from public view?
>>
>> Why do we split the build process up into multiple Source RPMS?
>
>>   Is there a reason to maintain this split?
>>
>> Are there design documents or discussions for these decisions?
>
> Yes, please look for "Legacy Certificate Management System Website" on 
> the internal CS wiki.

Sorry I dug through that pile. None answered the first question still so 
far for me. Why are these separate instances to begin with ?.


>
>>
>> _______________________________________________
>> Pki-devel mailing list
>> Pki-devel at redhat.com
>> https://www.redhat.com/mailman/listinfo/pki-devel
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel

More information about the Pki-devel mailing list