Target releaseRelease 1.0
Document owner
ReviewerLead designer



Goals

The CRL Generator (CRLG) is an SCMS component that signs and publishes updated Certificate Revocation Lists (CRLs). In normal operation, the CRLG receives commands from the Misbehavior Authority (MA) or the TCotSCMSM to add revoked certificates to the current CRL. The CRLG adds revocation information of the certificates to the current CRL file, signs the new file, and publishes the new CRL. The CRLG does not directly receive messages from any other SCMS back-end components. The updated CRL is published to the CRL Store.

The figure shows that the CRLG will receive messages from the MA and from the TCotSCMSM. It must also be able to publish a new CRL to one or more CRL Stores.

Process

To add a new CRLG to the SCMS, the TCotSCMSM must enable communication from the MA to the CRLG. It must also enable the CRLG to publish updated CRLs to one or more CRL Stores.

Specifically, the new CRLG must be configured with the following information:

  1. The FQDN and TLS certificate of one or more CRL Store
  2. The TLS certificate of the MA
  3. Security credentials needed to authenticate the TCotSCMSM (this may be certificate based, user name and password, or secured through privileged access to the CRLG internal storage)

When a new CRLG is added, the MA must be updated with the following information:

  1. The FQDN and TLS certificate of the CRLG

When a new CRLG is added, all CRL stores must be updated with the following information:

  1. The TLS certificate of the CRLG

End State

After completing this use case, the CRLG will be configured with the following connection information:


CRLG ValueNotes
CRL Store FQDN and TLS certificateThe CRLG requires the network address of one (or more) CRL Store. For the PoC, there will be only one CRL Store.
MA TLS Certificate

The CRLG requires the MA's TLS certificate for authentication.


After completing this use case, the MA will be configured with the following connection information:


MA ValueNotes
CRLG FQDN and TLS certificateThe MA requires the network address of one CRLG. For the PoC, there will only be one active CRLG.


After completing this use case, the CRL store will be configured with the following connection information:


CRL Store ValueNotes
CRLG TLS certificateCRL store requires the TLS certificate of one or more CRLG. For the PoC, there will only be one active CRLG.


Special Cases

The procedure described above shall be used when configuring a new CRLG. The following details define how to deal with special cases of replacing a previous CRLG component.

Assumptions

Requirements