summaryrefslogtreecommitdiff
path: root/source
diff options
context:
space:
mode:
authorJan Dittberner <jandd@cacert.org>2020-12-29 13:54:36 +0100
committerJan Dittberner <jandd@cacert.org>2020-12-29 13:54:36 +0100
commitfe4d884ca959f1774a19847a27c43df91dd6b83c (patch)
tree60c69e8d1b80b756bd347d98a6aa2ac4698a9087 /source
parent6183b05c3dc61c4fee54a0ef8a5816a9f4d1ba65 (diff)
downloadcacert-codedocs-fe4d884ca959f1774a19847a27c43df91dd6b83c.tar.gz
cacert-codedocs-fe4d884ca959f1774a19847a27c43df91dd6b83c.tar.xz
cacert-codedocs-fe4d884ca959f1774a19847a27c43df91dd6b83c.zip
Add glossary entries, detail logging ideas
Diffstat (limited to 'source')
-rw-r--r--source/future.rst20
-rw-r--r--source/glossary.rst10
2 files changed, 25 insertions, 5 deletions
diff --git a/source/future.rst b/source/future.rst
index a3983b8..479b3cf 100644
--- a/source/future.rst
+++ b/source/future.rst
@@ -29,11 +29,10 @@ Proper ASN.1 handling
=====================
Current PKI standards like :rfc:`5280` or the `CAB forum's baseline requirements`_
-mandate the integrity of the `ASN.1`_ objects in certificates. These standards
+mandate the integrity of the :term:`ASN.1` objects in certificates. These standards
move towards UTF8String representation of names and have some strict validation
rules that can only be implemented by handling ASN.1 directly.
-.. _ASN.1: https://www.itu.int/en/ITU-T/asn1/Pages/introduction.aspx
.. _CAB forum's baseline requirements: https://cabforum.org/baseline-requirements/
Implications
@@ -51,8 +50,8 @@ Cleaner separation between components
Separation of components improves the maintainability and reduces hard
dependencies between parts of the system. Each data store (filesystem, database
or message bus) should only belong to one component. All other components should
-access required data by using :term:`API`s provided by the application that
-owns the data store.
+access required data by using :term:`APIs <API>` provided by the application
+that owns the data store.
Implications
------------
@@ -181,3 +180,16 @@ automated tests for critical functionality
Consistent logging
------------------
+
+Our applications should log in a consistent format so that logs can be aggregated
+this is especially important with distributed applications.
+
+Log information should consist of at least the following information
+
+- Timestamp (same timezone on all machines, ideally UTC)
+- Log level (the level definition should be consistent)
+- Source of the log (code file / module and if possible line)
+- Error code (if an error occurred)
+- Request identifier
+- Message
+- Traceback / stacktrace in case of unhandled errors
diff --git a/source/glossary.rst b/source/glossary.rst
index b3b2383..ad38a21 100644
--- a/source/glossary.rst
+++ b/source/glossary.rst
@@ -13,4 +13,12 @@ Glossary
identifying revoked certificates that is signed by a CA or CRL
issuer and made freely available in a public repository. Each
revoked certificate is identified in a CRL by its certificate serial
- number. \ No newline at end of file
+ number.
+
+ API
+ Application programming interface
+
+ ASN.1
+ Abstract syntax notation one
+
+ See https://www.itu.int/en/ITU-T/asn1/Pages/introduction.aspx \ No newline at end of file