As the SCMS system evolves, it is necessary that SCMS components can be added and removed.
This includes Root CAs. For the PoC, there will be only one Root CA. To manage Roots CAs, (e.g., to add and remove them) the SCMS will employ a multi-Elector system. In this scheme, there are a number of electors. These entities are trust anchors but also vote to manage Root CAs, i.e., to remove or add a new Root CA. The SCMS Manager coordinates the electors. An operation on a Root CA (addition or revocation) will require a message signed by some given number of electors. The exact number of electors needed to perform addition or revocation is a fixed quorum m. The public keys of the electors will be installed into the trust stores of every SCMS component, including the OBEs. In the PoC, electors will be implemented to be manual processes, and the Root Management messages signed by electors will be generated by manual means for testing the management of the Roots CAs.
Scenario 1, Day 2: Process to Revoke an Elector while Maintaining Functionality
Scenario 1, Day 3: System Functional for Period of Time with Two Root Endorsers
Scenario 1, Day 4: Introduction of Replacement Elector
Scenario 1, Day 5: Steady State Operations after the Introduction of Replacement Elector
Scenario 2, Day 2: Prepare New Root CA
Scenario 2, Day 3: Generate New Certificates for all SCMS Components & Distribute
Scenario 2, Day 4: Revoke Root CA
Scenario 2, Day 5: Condition of SCMS while Root CA is Revoked
Scenario 2, Day 6: EEs Updated with New Root Certificate, New Enrollment Certificate and New Pseudonym Certificates