[Pki-devel] [PATCH] 198-203 patches to address multiple issues in KeyResource server and client code.
Ade Lee
alee at redhat.com
Wed Feb 26 15:10:09 UTC 2014
Sticking with client_key_id. Pushed to master.
On Tue, 2014-02-25 at 14:16 -0600, Endi Sukma Dewata wrote:
> On 2/24/2014 4:47 PM, John Magne wrote:
> > ACK 201, comments below:
> >
> > ACK for patch #201. Some comments:
> >
> > 1. Are we going to change the attribute name in the LDAP database? If so
> > do we need to upgrade the existing database?
> >
> > I can see a case for leaving this the same. The user won't have big use
> > to look at the ldap.
>
> Yeah, we don't have to upgrade the database now. But in the long term it
> would be nice to have an attribute name that matches the client API.
>
> > On the second thought, what do you think about using "key label" instead
> > of "client key ID"? So Key ID would remain the unique identifier for the
> > key, and the Key Label would be an identifier but it's not unique. No
> > need to redo the whole patch, just search & replace the patch. I can
> > help with this.
>
> > I think alee has done enough. The new name sounds fine to me. :) I don't think
> > having ID in the name automatically implies that the uniqueness on the key itself.
> > It's more for the client to identify a set of keys with one being the active one.
>
> Either name is fine. I just thought "label" is simpler. If we decided to
> use label I can help make the changes, no extra work for alee :)
>
More information about the Pki-devel
mailing list