> Brief summary (or pointer to a task) indicating how it is intended to be used (application or service)
Can i request a new database to store signed certificates managed by pki.discovery.wmnet
Previewed queries per second (worse case secenario)
In the initial deployment queries will only be issued when a new signed certificate is generated. In a later phase when adding OCSP support we will need to generate the OCSP response periodicity. however i suspect the period will be unlikely to be more then 1/min.
Total space needed and growth provision
Each entry will comprise of the signed certificate which is likely to be between 500B -> 4KB. If we assume every servers had 10 signed certs using RSA4096 we would need ~ 100MB
Availability constraints (can it suffer downtimes for maintenance?)
We could suffer short periods of downtime, the impact would be that no new certs could be signed and the OSCP database could not be generated. The later not been much of an issue due to the former
Owner person or (preferred) team to contact
pki or cfssl (can use something elses if needed)
User or users' names and their grants needed (recommended to separate admin accounts from service accounts, with limited rights)
The user will need the ability to create, insert, delete update and alter.
required daily should be sufficient
From which ips the services will be accessed from (mysql client locations)
Please let me know if i have missed anything