Massimiliano Pala <[EMAIL PROTECTED]> writes:
> I was discussing with some people from the OpenCA project and we do
> think that a DB support (like Berkeley DB, NDBM, GDBM) should be
> added to the ca application to store certificates' information and
> assure scalability.
>
> What do you know about openssl ca's scalability ? How many
> certificates currently supports ??
I haven't tested. I'd guess index.txt would cause some things to slow
performance (but possibly not---I'm assuming there are linear searches
around). The public keys seem to be kept in separate files in a
directory: however they get used, that's going to cause some prblems
on some filesystems.
However, I'd guess the current design is probably fine for, say, 10000
certificates. Specific applications might find the scalability a
problem, but for most purposes it's fine.
--
Bruce Stephens [EMAIL PROTECTED]
MessagingDirect(UK) Ltd <URL:http://www.MessagingDirect.com/>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
