Design Documents - dogtagpki/pki GitHub Wiki Overview PKI 10.9 Design Documents PKI 10.8 Design Documents PKI 10.7 Design Documents PKI 10.6 Design Documents PKI 10.5 Design Documents PKI 10.4 Design Documents PKI 10.3 Design Documents PKI 9 Design Documents PKI 1 Design Documents General PKI Feature Template Architecture Stateful Architecture Shared Subsystem Certificate Security Domain Standalone Subsystems REST Services Request ExtData Format SELinux Authentication Plugins GSS-API Authentication Dogtag replica range management Database Upgrade Framework Database Upgrade Use Cases Proposal to Separate Existing Single PKI Source Repository into Multiple PKI Source Repositories Proposal to Combine Multiple SRPMS into a Single SRPM PKI Interface Design (Legacy) PKI Instance Deployment Merging IPA and Dogtag Databases Merging CA and KRA Instances Dogtag 10: Single Merged CA, KRA, OCSP, and TKS Instance Interactive Installation Cleaning up the UI theme packages Customization Continuous Integration Testing Framework for Dogtag Support NSSDB in Python API IP Port Separation Top-Level Tree PKI Client Python API Design Unit Testing Framework Differences between NSS and OpenSSL X509 Certificates Differences between NSS and OpenSSL CRLs Separating Default PKI Instance Creation from PKI Subsystem Packaging Jenkins CI Design PKI Server Directory Structure Deployment PKI Systemd Service PKI Containerization Logging Logging Frameworks Signed Audit Design Packaging RPM Dependency Packaging (Proposal) Tools PKICertImport PKI DS CLI Certificate Authority CA Web Application CA Database CA Database Pruning Certificate Transparency Logging Lightweight CA KRA Connector Random Certificate Serial Numbers Random Certificate Serial Numbers v1 Random Certificate Serial Numbers v2 Random Certificate Serial Numbers v3 Publishing Queue LDAP Profile Storage Key Recovery Authority KRA Database Key Storage Mechanism KRA Authentication and Authorization KRA Fine Grained Authorization KRA Symmetric Key REST API Design KRA Transport Key Rotation OCSP Responder OCSP Database Token Key Service TKS Database Token Processing System TPS Token Lifecycle TPS Profile Lifecycle TPS Database TPS External Registration TPS Revocation Routing TPS Rewrite TPS Smart Card Rewrite TPS UI Elements TPS UI Development Automated Generation of Shared Secret Automated Generation of Shared Secret v2 Server Side Key Generation See Also https://github.com/dogtagpki/pki/tree/master/docs/design Dogtag Future Directions PKI Wishlist PKI Release Notes ⚠️ **GitHub.com Fallback** ⚠️