[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [kmip] Distributed Key Management Systems Usage Guide test
Here is the updated text. 4.7 Key Replication Between Servers Key management systems may be designed to consist of multiple servers to address fault tolerance, performance, management, and communication considerations. Each server would contain the same objects and attributes. Operations made to one server would be replicated to all the other servers. 4.7.1 Architecture Considerations Some architectures permit operations to be performed even though all servers are not continuously connected. This means that an operation performed on one server may not be immediately replicated to the rest of the servers. Or different operations can be performed on the same key on different servers. Any inconsistencies may not be noticed until the servers can again communicate with each other. One example of an inconsistency is that a given key may have different states on different servers. For example, one server might consider a key with a given unique identifier to be Active, while a different server might consider the same key with the same unique identifier to be Compromised. Another example is that two different keys in different servers may end up with the same Name. Forward and backward links might also be inconsistent. Key management systems consisting of multiple servers need to be carefully designed to ensure that servers can resolve any inconsistencies that arise, and those systems that claim KMIP compliance must ensure that the resolution complies with KMIP specification. Thanks, Jeff On 8/22/2019 7:04 PM, Anthony Berglas
wrote:
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]