From 6f79b22ae2db9b9114a8300a9710e21f9068e121 Mon Sep 17 00:00:00 2001
From: Russ Allbery <rra@stanford.edu>
Date: Wed, 16 Aug 2006 19:13:30 +0000
Subject: Document the requirements for the keytab backend.

---
 doc/design-schema | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'doc/design-schema')

diff --git a/doc/design-schema b/doc/design-schema
index 924196f..c82c387 100644
--- a/doc/design-schema
+++ b/doc/design-schema
@@ -93,3 +93,20 @@ ACL Backend Data
          (km_group              varchar(255)
               not null references krb5_groups(kg_name),
           km_principal          varchar(255) not null);
+
+Storage Backend Data
+
+    To support restricting the allowable enctypes for a given keytab, the
+    keytab backend will use the following table:
+
+      create table keytab_enctypes
+         (ke_principal          varchar(255)
+              not null references objects(ob_name),
+          ke_enctype            varchar(255)
+              not null references enctypes(en_name));
+
+    There is a normalization table to ensure that only supported enctypes
+    are configured:
+
+       create table enctypes
+          (en_name               varchar(255) primary key);
-- 
cgit v1.2.3