Re: [OpenCA-Devel] Database schema

Martin Bartosch Thu, 21 Jul 2005 03:41:15 -0700

Hi,

I forgot:


>>> - introduce a new table, e. g. CA
>>>   Purpose:
>>>   - identification and reference of CA certificate for internal CAs
>>>   - mapping between internal and external CAs
>>>   Attributes:
>>>   INTERNAL_CA: internal CA
>>>   EXTERNAL_CA: external CA this CA belongs to
>>>   CA_CERT_SERIAL: serial number of the CA certificate (foreign key to
>>>     the CERTIFICATE table)
>
> No comments on this? I think this is the most important change, the
> other stuff is more or less cleanup and avoidance of redundancy.

there is, of course, an argument against this and explicitly in favour
of including EXTERNAL_CA *and* INTERNAL_CA in each data object:

If you change the association of EXTERNAL_CA and INTERNAL_CA in the
table above, all previously created entries are changed implicitly.
Of course, this association *should* never be changed, an INTERNAL_CA
is not supposed to be "changing" to another EXTERNAL_CA.

If we keep the relation in all the individual database entries, we
have "historical" information about the association as it was when
the item was created, but we also keep a lot of redundancy that could
bite some time in the future.

Hmm... :-/

Martin




-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click
_______________________________________________
OpenCA-Devel mailing list
OpenCA-Devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-devel

Re: [OpenCA-Devel] Database schema

Reply via email to