Infrastructure/RFR/FedoraCertificateSystem

= Project Sponsor = Name: Red Hat Identity Management

Wiki Name: http://pki-svn.fedora.redhat.com/wiki/Main_Page

Infrastructure Sponsor: Red Hat / Jesse Keating / Mike McGrath

Owners/Contacts @ Red Hat: Thomas Kwan, Matt Harmsen, Steve Parkinson, Margaret Lum

= Project Info = Project Name: Certificate System

Target Audience: folks interested in Open Source PKI software

Expiration Date (required): indefinite

Description/Summary: This project is an enterprise-class Open Source Certificate System for Linux, supporting certificate management, key archival, OCSP support and smartcard life-cycle management.

Project plan (Detailed) and Goals: Review documentation here: http://pki-svn.fedora.redhat.com/wiki/Documentation.

= Specific resources needed =

1) We require an svn.fedoraproject.org instance for the following repository: svn.fedoraproject.org/identity

Access groups are limited as the following:

1) For /identity/pki

1a) Fedora account users NOT in svnpki/svnpki-admin - redhat.com only, we stage source

1b) svnpki - read-write

1c) svnpki-admin - read-write

We require ACLs for Fortitude as well:

2) For /identity/fortitude

2a) Fedora account users: read-only access to the fortitude modules (once they're imported)

2b) svnfortitude - read-write

2c) svnfortitude-admin - read-write

3) For For /identity/common [common components agnostic of products (but required by the products)]

3a) Fedora account users: read-only access to the common modules (once they're imported)

3b) svnidmcommon - read-write

3c) svnidmcommon-admin - read-write

The subdirectories (modules) of the 'identity' repository will need to be updated for each ACL, so only svnpki* has access to the pki module(s), and svnfortitude* has access to its respective modules.

= Additional Info =

Please contact me further for enabling the ACLs on each repository. Initially, I would like these to be temporarily limited to redhat.com Fedora users, while we start importing code into the repository. Also, must I submit RFRs for code imports, or can I import these directly?