Page tree
Skip to end of metadata
Go to start of metadata
Target releaseRelease 1.0
Document owner


The goal is to provide the CRL file from the CRL Store (a component of the MA) to the EE when requested.

Background and Strategic Fit

The EE must be aware of revoked entities.


  • One or more CRLs have been generated, signed by the CRL Generator, put into a CRL file, and has been made available to the CRL Store
  • The CRL Store is able to validate cryptographically the signature on the CRL file prior to making it available for download
    The EE is able to download the CRL by issuing a CRL HTTP get request to the CRL Store.
  • The CRL Store will not authenticate the EE, i.e., CRL Store will not require that EE sends its enrollment certificate for authentication purposes
  • OBE has successfully executed Use Case 2: OBE Bootstrapping (Manual)

Process Steps

  1. OBE downloads the CRL using the API documented in MA - Download CRL


Key Status Summary Description justification notes Component/s

Use Case 6 - Requirements

ASN.1 Specification

IEEE 1609.2 specifies CRLs in: