KRA: disable synchronous key recovery

dogtagpki / pki

The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.

https://www.dogtagpki.org

GNU General Public License v2.0

371 stars 137 forks source link

KRA: disable synchronous key recovery #2046

Open pki-bot opened 4 years ago

pki-bot commented 4 years ago

This issue was migrated from Pagure Issue #1487. Originally filed by cfu (@cfu) on 2015-07-14 23:50:09:

Assigned to nobody

this old feature has proven to be awkward to use. I also recall finding a major issue where if the process has been initiated, if the system is shutdown, it cannot be brought back up...something like that. The asynchronous key recovery has successfully replaced this synchronous key recovery mechanism, and I suggest we disable the synchronous one.

pki-bot commented 4 years ago

Comment from mharmsen (@mharmsen) at 2015-07-20 20:57:14

Per CS/DS meeting of 07/20/2015: 10.3 (make switch to disable?)

cfu to file a doc bug to mark this as deprecated

Bugzilla Bug 1244965 - Doc: mark synchronous key recovery feature "deprecated"
aakkiang to adjust test plans accordingly

pki-bot commented 4 years ago

Comment from cfu (@cfu) at 2017-02-27 14:01:02

Metadata Update from @cfu:

Issue set to the milestone: UNTRIAGED