On Wed, Mar 10, 2010 at 9:51 PM, Adam Young ayoung@redhat.com wrote:
I should have posted to this list instead of imanage. Sorry for the dup postings, but I realized that I wouldn't get responses from the other list.
Right now there is a one-to-one relationship between consumer and certificate. The id for the ConsumerIdentityCertificate is the same as the ID for the consumer. Thus, if we delete the consumer, we should delete the certificate.
Is this sufficient for revoke?
Part of me thinks that we should never throw away data: once we record a consumer, we should keep that information and just transform it into an "inactive" state, but I realize that complicates the logic, and potentially has an impact on database size and performance.
Deleting the cert sounds ok to me.
I'm not sure, but I think in our case we don't even need to worry about revoking them; all we really need certs for is to verify we're talking to the consumer we think we are. If that consumer has been deleted but it's still trying to communicate with us, we'll pull the UUID out of their un-revoked cert, and try to use it in the db, which will fail fast and hard.
Cheers,
Devan