Some more text in the design doc.

author: Linus Nordberg <linus@nordberg.se> 2014-03-26 15:45:03 +0100
committer: Linus Nordberg <linus@nordberg.se> 2014-03-26 15:45:03 +0100
commit: 6bc8b0b4b767fc60f653b5886fd5879c771eebc5 (patch)
tree: e02d5883d09bc4585c9b193dc7b0a2095daccbbf /doc/design.txt
parent: c5094dae44887bd108cf797272bf627a80761070 (diff)
1 files changed, 19 insertions, 2 deletions
diff --git a/doc/design.txt b/doc/design.txt
index 9007cb8..c4b5f2a 100644
--- a/doc/design.txt
+++ b/doc/design.txt
@@ -4,8 +4,25 @@ This document describes the design of catlfish, an implementation of a
 Certificate Transparency (RFC6962) log.
 
 We have
-
-- a db storing data (persistently) and replicating r/o copies to n
+- a db storing the log (persistently) and replicating r/o copies to n
   secondary nodes
 - 1 primary node writing the hash tree to the r/w db
 - n secondary nodes reading from local r/o db
+
+Nodes reply to the https requests specified in RFC 6962.
+Nodes can operate in one of two modes -- primary or secondary.
+[TODO: A secondary node can become primary. When, how?]
+
+Primary nodes
+- have write access to the ctlog database (Mnesia?) holding the hash
+  tree
+- store submitted cert chains on disk (DETS?)
+- add the stored cert chains to the hash tree and sign the tree
+  periodically (at least every 30-60 minutes or so)
+
+Secondary nodes
+- have read access to the ctlog database
+
+Open questions
+- What's a good MMD? Google seem to use an MMD of well over 1h at the
+  moment (early 2014).
author	Linus Nordberg <linus@nordberg.se>	2014-03-26 15:45:03 +0100
committer	Linus Nordberg <linus@nordberg.se>	2014-03-26 15:45:03 +0100
commit	6bc8b0b4b767fc60f653b5886fd5879c771eebc5 (patch)
tree	e02d5883d09bc4585c9b193dc7b0a2095daccbbf /doc/design.txt
parent	c5094dae44887bd108cf797272bf627a80761070 (diff)