Difference between revisions of "Dogtag"
(→Proposals) |
(→Designs) |
||
| Line 153: | Line 153: | ||
* [[Javadocs | On-line Dogtag Javadocs]] | * [[Javadocs | On-line Dogtag Javadocs]] | ||
== Designs == | == Designs == | ||
| + | [[PKI Design]] | ||
The following designs are for a future version of Dogtag: | The following designs are for a future version of Dogtag: | ||
* [[PKI Interface Design (Legacy)]] | * [[PKI Interface Design (Legacy)]] | ||
Revision as of 22:19, 15 November 2017
Contents
Roadmap
Dogtag will be undergoing some exciting new changes to make it easier to be integrated with other projects.
For a roadmap of these changes, see Dogtag Future Directions.
Source Code
Dogtag source code is managed via the Git Revision Control System and can be viewed at the pki.git repository:
- Dogtag 10.4 (master)
- Dogtag 10.3 (maintenance branch)
- Dogtag 10.2 (maintenance branch)
- Dogtag 10.2.6 (maintenance branch)
- Dogtag 10.2.5 (maintenance branch)
- Dogtag 10.2.4 (maintenance branch)
- Dogtag 10.2.3 (maintenance branch)
- Dogtag 10.2.2 (maintenance branch)
- Dogtag 10.2.1 (maintenance branch)
- Dogtag 10.2.0 (maintenance branch)
- Dogtag 10.1 (maintenance branch)
-
Dogtag 10.0 (maintenance branch) -
Dogtag 9.0 (maintenance branch)
Revised Branch Names
On September 16, 2014, the PKI git repository branches were renamed to follow our new naming conventions:
| ORIGINAL BRANCH NAME | NEW BRANCH NAME |
|---|---|
| remotes/origin/DOGTAG_10_0_BRANCH | remotes/origin/DOGTAG_10_0_BRANCH |
| remotes/origin/IPA_V3_RHEL_7_ERRATA_BRANCH | remotes/origin/DOGTAG_10_0_RHEL_BRANCH |
| remotes/origin/DOGTAG_10_1_BRANCH | remotes/origin/DOGTAG_10_1_BRANCH |
| remotes/origin/IPA_V4_RHEL_7_1_ERRATA_BRANCH | remotes/origin/DOGTAG_10_1_RHEL_BRANCH |
| 'master' 7cf3bd73a7c41d8633fb2a92053a55e0e36a4925 | remotes/origin/DOGTAG_10_2_RHEL_BRANCH |
| remotes/origin/DOGTAG_9_BRANCH | remotes/origin/DOGTAG_9_0_BRANCH |
| remotes/origin/IPA_v2_RHEL_6_ERRATA_BRANCH | remotes/origin/DOGTAG_9_0_RHEL_BRANCH |
| remotes/origin/RHEL_7_0_BRANCH | |
| remotes/origin/RHEL_7_BRANCH | |
| remotes/origin/autoformat | |
| remotes/origin/autoformat2 | |
| remotes/origin/HEAD -> origin/master | remotes/origin/HEAD -> origin/master |
| remotes/origin/master | remotes/origin/master |
The following table shows the corresponding platform vs. product version vs. branch names:
The following describes the branching philosophy associated with packaging:
Example of Updating an Existing Branch that has been Previously Checked-Out
(1) Identify the local branch
# git branch IPA_V3_RHEL_7_ERRATA_BRANCH
(2) Rename the local branch
# git branch -m IPA_V3_RHEL_7_ERRATA_BRANCH DOGTAG_10_0_RHEL_BRANCH
(3) Identify the local branch
# git branch DOGTAG_10_0_RHEL_BRANCH
(4) Attempt to update the local branch from the remote branch
# git pull . . . Your configuration specifies to merge with the ref 'IPA_V3_RHEL_7_ERRATA_BRANCH' from the remote, but no such ref was fetched.
(5) Setup remote upstream tracking on the branch you just renamed
# git branch -u origin/DOGTAG_10_0_RHEL_BRANCH Branch DOGTAG_10_0_RHEL_BRANCH set up to track remote branch DOGTAG_10_0_RHEL_BRANCH from origin.
(6) Attempt to update the local branch from the remote branch
# git pull Already up-to-date.
Platform
This new version of Dogtag will begin development using 64-bit x86_64 Fedora 16.
Third-Party Components
Much of this new version of Dogtag will be based upon the following versions of these major third-party components:
and will make use of the following third-party technologies:
Dogtag will also utilize the following third-party components:
Development Tools
Development of this new version of Dogtag will take advantage of the following development tools:
Javadocs
Designs
PKI Design The following designs are for a future version of Dogtag:
- PKI Interface Design (Legacy)
- PKI Instance Deployment
- Merging IPA and Dogtag Databases
- Merging CA and KRA Instances
- Packaging
- Migrating Dogtag 9 Instances to Dogtag 10
- Cleaning up the UI theme packages
- Enhancing DRM connector setup/removal code
- 8.1_installer_work_for_cloning
- CLI
- Interactive Installation
- Customization
- CMake
- RESTEasy
- JUnit
- Authentication
- Random Certificate Serial Numbers
- Randomized Validity
- TPS Revocation Routing
- Automated generation of Shared Secret
- Continuous Integration Testing Framework for Dogtag
- Support NSSDB in PKI's Python API (WIP)
Features should begin utilizing the following template:
- Stand-alone PKI Subsystems
- DRM Transport Key Rotation (and associated DRM Transport Key Rotation Procedures)
- IP Port Separation
- Enhancing DRM Authentication and Authorization
- Sharing Subsystem Cert
- Top level basedn
Proposals
- Proposal to Separate Existing Single PKI Source Repository into Multiple PKI Source Repositories
- Proposal to Combine Multiple SRPMS into a Single SRPM
Resources for Client Developers
- REST interfaces in Dogtag
- More details about REST interfaces in Dogtag
- Python Key Client
- Java Key Client
- Dogtag 10 Python Cert Client API
- Dogtag 10 Python Profile Client API
Releases
'How-To' Procedures
- How to run 'tkstool' to manually generate and use a shared key between a Tomcat7-based TKS instance and an Apache-based TPS instance
- How to run 'tpsclient' to verify communication between a Tomcat7-based TKS instance and an Apache-based TPS instance
- How to apply a theme to a previously installed PKI server instance
Miscellaneous
The fedorahosted.org sunset on Tuesday, February 28, 2017; this involved migration of the numerous products away from the use of its TRAC Issue Trackers, storage of various SVN and GIT repositories, and movement away from TRAC Wiki material:
