diff options
author | Matthew Harmsen <mharmsen@pki.usersys.redhat.com> | 2016-03-07 12:14:33 -0700 |
---|---|---|
committer | Matthew Harmsen <mharmsen@pki.usersys.redhat.com> | 2016-03-07 12:14:33 -0700 |
commit | 68bfe81d7892c26d2e9485084c430575a921bddc (patch) | |
tree | 06403a3c85d02d8dcd79e27f6a68171cc7ef9be9 /specs | |
parent | 84eaa4e575fa373ccab31a9a7f6d9c95847171b0 (diff) | |
download | pki-68bfe81d7892c26d2e9485084c430575a921bddc.tar.gz pki-68bfe81d7892c26d2e9485084c430575a921bddc.tar.xz pki-68bfe81d7892c26d2e9485084c430575a921bddc.zip |
Miscellaneous cleanup of spec files
- PKI TRAC Ticket #1701 - Removed javadocs from 'meta' package
- PKI TRAC Ticket #1099 - Rename DRM nomenclature to KRA nomenclature
Diffstat (limited to 'specs')
-rw-r--r-- | specs/dogtag-pki-theme.spec | 9 | ||||
-rw-r--r-- | specs/dogtag-pki.spec | 23 | ||||
-rw-r--r-- | specs/pki-console.spec | 4 | ||||
-rw-r--r-- | specs/pki-core.spec | 18 |
4 files changed, 21 insertions, 33 deletions
diff --git a/specs/dogtag-pki-theme.spec b/specs/dogtag-pki-theme.spec index c2abc3037..9055e800c 100644 --- a/specs/dogtag-pki-theme.spec +++ b/specs/dogtag-pki-theme.spec @@ -141,16 +141,9 @@ cd build # NOTE: Several "theme" packages require ownership of the "/usr/share/pki" -# directory because the PKI subsystems (CA, DRM, OCSP, TKS, RA, TPS) +# directory because the PKI subsystems (CA, KRA, OCSP, TKS, TPS) # which require them may be installed either independently or in # multiple combinations. -# -# Since CA, DRM, OCSP, and TKS subsystems all require the -# "dogtag-pki-common-theme" as well as their individual "themes", -# only "dogtag-pki-common-theme" needs to require this directory. -# -# However, RA and TPS subsystems still require their own individual -# ownership of this directory. %files -n dogtag-pki-server-theme %defattr(-,root,root,-) diff --git a/specs/dogtag-pki.spec b/specs/dogtag-pki.spec index 10c98bac8..2679d4dad 100644 --- a/specs/dogtag-pki.spec +++ b/specs/dogtag-pki.spec @@ -34,14 +34,6 @@ Requires: pki-symkey >= %{pki_core_version} Requires: pki-base >= %{pki_core_version} # Make certain that this 'meta' package requires the latest version(s) -# of ALL top-level Dogtag PKI support javadocs -Requires: jss-javadoc >= %{jss_version} - -# Make certain that this 'meta' package requires the latest version(s) -# of ALL Dogtag PKI core javadocs -Requires: pki-javadoc >= %{pki_core_version} - -# Make certain that this 'meta' package requires the latest version(s) # of Dogtag PKI console Requires: pki-console >= %{pki_console_version} @@ -54,24 +46,27 @@ The Dogtag Public Key Infrastructure (PKI) Suite is comprised of the following five subsystems and a client (for use by a Token Management System): * Certificate Authority (CA) - * Data Recovery Manager (DRM) + * Key Recovery Authority (KRA) * Online Certificate Status Protocol (OCSP) Manager * Token Key Service (TKS) * Token Processing System (TPS) * Enterprise Security Client (ESC) Additionally, it provides a console GUI application used for server and -user/group administration of CA, DRM, OCSP, and TKS, javadocs on portions -of the Dogtag API, as well as various command-line tools used to assist with -a PKI deployment. +user/group administration of CA, KRA, OCSP, and TKS, as well as various +command-line tools used to assist with a PKI deployment. -To successfully deploy instances of a CA, DRM, OCSP, TKS, or TPS, +To successfully deploy instances of a CA, KRA, OCSP, TKS, or TPS, a Tomcat Web Server must be up and running locally on this machine. -To meet the database storage requirements of each CA, DRM, OCSP, TKS, or TPS +To meet the database storage requirements of each CA, KRA, OCSP, TKS, or TPS instance, a 389 Directory Server must be up and running either locally on this machine, or remotely over the attached network connection. +Finally, although they are no longer supplied by this 'meta' package, +javadocs are available for both JSS (jss-javadoc) and portions of +the Dogtag API (pki-javadoc). + NOTE: As a convenience for standalone deployments, this 'dogtag-pki' top-level meta package supplies Dogtag themes for use by the certificate server packages: diff --git a/specs/pki-console.spec b/specs/pki-console.spec index 9b3b5ed78..38171571a 100644 --- a/specs/pki-console.spec +++ b/specs/pki-console.spec @@ -49,8 +49,8 @@ The PKI Console is a java application used to administer CS. For deployment purposes, a PKI Console requires ONE AND ONLY ONE of the following "Mutually-Exclusive" PKI Theme packages: - * dogtag-pki-theme (Dogtag Certificate System deployments) - * redhat-pki-theme (Red Hat Certificate System deployments) + * dogtag-pki-console-theme (Dogtag Certificate System deployments) + * redhat-pki-console-theme (Red Hat Certificate System deployments) %prep diff --git a/specs/pki-core.spec b/specs/pki-core.spec index 74a3f74e3..7833a8b65 100644 --- a/specs/pki-core.spec +++ b/specs/pki-core.spec @@ -216,7 +216,7 @@ PKI Core contains ALL top-level java-based Tomcat PKI components: \ which comprise the following corresponding PKI subsystems: \ \ * Certificate Authority (CA) \ - * Data Recovery Manager (DRM) \ + * Key Recovery Authority (KRA) \ * Online Certificate Status Protocol (OCSP) Manager \ * Token Key Service (TKS) \ * Token Processing Service (TPS) \ @@ -500,7 +500,7 @@ Requires: tomcatjss >= 7.1.2 The PKI Server Framework is required by the following four PKI subsystems: the Certificate Authority (CA), - the Data Recovery Manager (DRM), + the Key Recovery Authority (KRA), the Online Certificate Status Protocol (OCSP) Manager, the Token Key Service (TKS), and the Token Processing Service (TPS). @@ -538,7 +538,7 @@ provided by the PKI Core used by the Certificate System. %package -n pki-kra -Summary: Certificate System - Data Recovery Manager +Summary: Certificate System - Key Recovery Authority Group: System Environment/Daemons BuildArch: noarch @@ -550,18 +550,18 @@ Requires(preun): systemd-units Requires(postun): systemd-units %description -n pki-kra -The Data Recovery Manager (DRM) is an optional PKI subsystem that can act -as a Key Recovery Authority (KRA). When configured in conjunction with the -Certificate Authority (CA), the DRM stores private encryption keys as part of +The Key Recovery Authority (KRA) is an optional PKI subsystem that can act +as a key archival facility. When configured in conjunction with the +Certificate Authority (CA), the KRA stores private encryption keys as part of the certificate enrollment process. The key archival mechanism is triggered when a user enrolls in the PKI and creates the certificate request. Using the Certificate Request Message Format (CRMF) request format, a request is generated for the user's private encryption key. This key is then stored in -the DRM which is configured to store keys in an encrypted format that can only +the KRA which is configured to store keys in an encrypted format that can only be decrypted by several agents requesting the key at one time, providing for protection of the public encryption keys for the users in the PKI deployment. -Note that the DRM archives encryption keys; it does NOT archive signing keys, +Note that the KRA archives encryption keys; it does NOT archive signing keys, since such archival would undermine non-repudiation properties of signing keys. This package is one of the top-level java-based Tomcat PKI subsystems @@ -678,7 +678,7 @@ TPS is designed to communicate with tokens that conform to Global Platform's Open Platform Specification. TPS communicates over SSL with various PKI backend subsystems (including -the Certificate Authority (CA), the Data Recovery Manager (DRM), and the +the Certificate Authority (CA), the Key Recovery Authority (KRA), and the Token Key Service (TKS)) to fulfill the user's requests. TPS also interacts with the token database, an LDAP server that stores |