Design Documents - dogtagpki/pki Wiki

Original URL: https://github.com/dogtagpki/pki/wiki/Design-Documents

🚨 github-wiki-see.page does not render asciidoc. Source for crawling below. Please visit the Original URL! 🚨


= General =

* link:Architecture[Architecture]
* link:Shared-Subsystem-Certificate[Shared Subsystem Certificate]
* link:Security-Domain[Security Domain]
* link:Standalone-Subsystems[Standalone Subsystems]
* link:REST-Services[REST Services]
* link:Request-ExtData-Format[Request ExtData Format]
* link:SELinux[SELinux]
* link:Authentication-Plugins[Authentication Plugins]
* link:GSS-API-Authentication[GSS-API Authentication]
* link:SSL-Audit-Design[SSL Audit Design]
* link:Access-Banner-Design[Access Banner Design]
* link:Audit-Review-and-Search-Design[Audit Review and Search Design]
* link:https://frasertweedale.github.io/blog-redhat/posts/2019-07-26-dogtag-replica-ranges.html[Dogtag replica range management]

= Certificate Authority =

* link:CMC-Update[CMC Update]
* link:Lightweight-CA[Lightweight CA]
* link:KRA-Connector[KRA Connector]
* link:Random-Certificate-Serial-Numbers[Random Certificate Serial Numbers]
** link:Random-Certificate-Serial-Numbers-v1[Random Certificate Serial Numbers v1]
** link:Random-Certificate-Serial-Numbers-v2[Random Certificate Serial Numbers v2]
** link:Random-Certificate-Serial-Numbers-v3[Random Certificate Serial Numbers v3]
* link:Publishing-Queue[Publishing Queue]
* link:LDAP-Profile-Storage[LDAP Profile Storage]

= Key Recovery Authority =

* link:Key-Storage-Mechanism[Key Storage Mechanism]
* link:AES-Encryption-Enhancements[AES Encryption Enhancements]
* link:KRA-Authentication-and-Authorization[KRA Authentication and Authorization]
* link:KRA-Fine-Grained-Authorization[KRA Fine Grained Authorization]
* link:KRA-Symmetric-Key-REST-API-Design[KRA Symmetric Key REST API Design]
* link:KRA-Transport-Key-Rotation[KRA Transport Key Rotation]

= Token Processing System =

* link:https://github.com/dogtagpki/pki/blob/master/docs/design/TPS_Token_Lifecycle.md[TPS Token Lifecycle]
* link:TPS-Profile-Lifecycle[TPS Profile Lifecycle]
* link:TPS-Database[TPS Database]
* link:TPS-External-Registration[TPS External Registration]
* link:TPS-Revocation-Routing[TPS Revocation Routing]
* link:TPS-Rewrite[TPS Rewrite]
* link:TPS-Smart-Card-Rewrite[TPS Smart Card Rewrite]
* link:TPS-UI-Elements[TPS UI Elements]
* link:TPS-UI-Development[TPS UI Development]
* link:Automated-Generation-of-Shared-Secret[Automated Generation of Shared Secret]
* link:Automated-Generation-of-Shared-Secret-v2[Automated Generation of Shared Secret v2]
* link:Server-Side-Key-Generation[Server Side Key Generation]
* link:PKI-10.3-TPS-Enhancements[PKI 10.3 TPS Enhancements]

= Tools =

* link:https://github.com/dogtagpki/pki/blob/master/docs/design/PKICertImport.md[PKICertImport]
* link:https://www.dogtagpki.org/wiki/PKI_DS_CLI[PKI DS CLI]

= Packaging =

* link:https://github.com/dogtagpki/pki/blob/master/docs/design/RPM_Dependency.md[RPM Dependency]

= See Also =

* https://github.com/dogtagpki/pki/tree/master/docs/design
* link:https://www.dogtagpki.org/wiki/PKI_Design[PKI Design]
* link:https://www.dogtagpki.org/wiki/Dogtag_Future_Directions[Dogtag Future Directions]
* link:https://www.dogtagpki.org/wiki/PKI_Wishlist[PKI Wishlist]