• Vincent Pelletier's avatar
    all: Major rework. · ecd07d22
    Vincent Pelletier authored
    - Re-evaluate feature set and REST API.
    - switch duration units to days, which are more meaningful than sticking to
      ISO units in this context.
    - Implement the "cau" half of "caucase".
      As a consequence flask password authentication mechanism is not needed
      anymore. As HTML UI is not required internally to caucase, and as
      sqlalchemy is not used to its full extend, get rid of these
      dependencies altogether.
    - Implement REST HTTP/HTTPS stand-alone server as a layer above WSGI
      application, and integrate HTTPS certificate issuance and renewal
      mechanism to simplify deployment: no middleware needed, so from
      gunicorn dependency.
    - Use standard python modules for http client needs.
    - Re-evaluate data retention options:
      - unsigned CSRs are kept forever
      - CRTs are stored in CSR table, and a 24 hour expiration is set
      - CA CRTs: (unchanged, expire when past validity period)
      - CRLs: (unchanged, expire when past validity period)
    - Redispatch housekeeping tasks:
      - CA renewal happens when caucase is used and renewal is needed
      - CRL is flushed when re-generated
      - CSR table (containing CRTs) is cleaned when a new CSR is received
      removing completely the need for these special periodic tasks.
    - Storage parameters are not stored persistently anymore, instead their
      effect (time offsets) is applied before storing (to protect against
      transient retention period reconfiguration from wiping data).
    - Rework storage schema.
    - Implement certificate extension propagation & filtering.
    - Implement "Certificate was auto-signed" extension.
    - More docstrings.
    - Use a CSR as a subject & extensions template instead of only allowing
      to override the subject. Useful when renewing a certificate and when
      authenticated client wants to force (ex) a CommonName in the subject.
    - Reorganise cli executable arguments to have more possible actions.
      Especially, make CA renewal systematic on command start (helps
      validating caucase URL).
    - Increase the amount of sanity checks against user-provided data (ex:
      do not upload a private key which would be in the same file as the CRT
      to renew).
    - Extend package classifiers.
    - Get rid of revocation reason, as it seems unlikely to be filled, and
      even less likely to be read later.
    - (almost) stop using pyOpenSSL. Use cryptography module instead.
      cryptography has many more features than pyOpenSSL (except for certificate
      validation, sadly), so use it. It completely removes the need to poke
      at ASN.1 ourselves, which significantly simplifies utils module, and
      certificate signature. Code is a bit more verbose when signing, but much
      simpler than before.
    - add the possibility to revoke by certificate serial
    - update gitignore
    - include coverage configuration
    - include pylint configuration
    - integrate several secondary command:
      - caucase-probe to quickly check server presence and basic
        functionality, so automated deployments can easily auto-check
      - caucase-monitor to automate key initial request and renewal
      - caucase-rerequest to allow full flexibility over certificate request
        content without ever transfering private keys
    - add a secure backup generation mechanism
    - add a README describing the design
    ecd07d22
TODO.rst 403 Bytes