user (
	id,
	name VARCHAR NOT NULL UNIQUE,
	sha512_password BLOB NULL % only for system admins
	admin BOOLEAN NOT NULL
);

key (
	id,
	name VARCHAR NOT NULL UNIQUE,
	fingerprint VARCHAR NOT NULL UNIQUE
);

key_access (
	id,
	key_id NOT NULL REFERENCES key(id),
	user_id NOT NULL REFERENCES user(id),
	encrypted_passphrase BLOB NOT NULL % created using gpg --symmetric
	key_admin BOOLEAN NOT NULL,
	CONSTRAINT UNIQUE (key_id, user_id)
);

server configuration:
* NSS database directory
* bridge address, port
  ? server port to be checked by bridge?
* bridge CA
  ? bridge certificate?
* client CA
* server certificate/key
  ? handle passphrase on boot?
* log file
  ? support rotation? don't interfere with rotation?
* log host, port
  ? what mechanism?

bridge configuration:
* server CA
  ? server address, port for checking?
  ? server certificate?
* client CA
* FAS path
* FAS group for key server users
* log file

client configuration:
* bridge CA
* server CA
  ? server certificate?
* bridge host,port