Public registry usage scenario

A typical scenario for the use of the public registry would be to use these services so that the public registry of a particular MQe node builds up a store of the most frequently needed mini-certificates as they are used.

A simple example of this is to setup an MQe client to automatically get the mini-certificates of other authenticatable entities that it needs, from its MQe home server, and then save them in its public registry.

Secure feature choices

It is the Solution creator's choice whether to use the public registry active features for sharing and getting mini-certificates between the public registries of different MQe nodes.

The alternative to this intelligent replication may be to have an out-of-band utility to initialize an MQe node's public registry with all required mini-certificates before enabling any secure services that uses them.

Selection criteria

Out-of-band initialization of the set of mini-certificates available in an MQe node's public registry may have advantages over using the public registry active features in the case where the solution is predominantly asynchronous and the synchronous connection to the MQe node's home server may be difficult. But in the case where this connection is more likely to be available, the public registry's active mini-certificate replication services are useful tools to automatically maintain the most useful set of mini-certificates on any MQe node public registry.


Terms of use | WebSphere software

(c) Copyright IBM Corporation 2004, 2005. All rights reserved.