[glue-wg] Endpoint.TrustedCA and ComputingEndpoint.TrustedCA Inconsistency in GFD147
stephen.burke at stfc.ac.uk
stephen.burke at stfc.ac.uk
Thu Nov 1 15:50:08 EDT 2012
JP Navarro [mailto:navarro at mcs.anl.gov] said:
> Could these strings be a hash of a DN?
That wouldn't help much, the problem is the number of CAs more than the length of each one.
> How many TrustedCAs are we thinking might need to be published for each
> endpoint, and how much data is that really? Do we think it would
> significantly impact the performance of our information systems to publish
> multiple collections of TrustedCA strings?
At a quick count, I get 89 CAs and about 5 KB of data, compared with about 2 KB currently in an Endpoint - and that for something for which, as far as I know, we have no uses, and which would be duplicated several thousand times over. For the BDII I think publishing that would not make any sense.
Stephen
--
Scanned by iCritical.
More information about the glue-wg
mailing list