View Issue Details

ID: 0003071
Project: 10000-012: Discovery
Category: Spec
View Status: public
Last Update: 2015-05-26 15:57
Reporter: Randy Armstrong
Assigned To: Randy Armstrong
Priority: high
Severity: major
Reproducibility: always
Status: closed
Resolution: fixed
Product Version: 1.03
Target Version: 1.03
Fixed in Version: 1.03
Summary: 0003071: Need a better way to represent multiple TrustLists/Certificates in the Push Model
Description

The certificate management functions need to be changed before the release.
It is not possible to configure certificate/private key for a specific endpoint.

I know that you have proposed a workaround for creating subtypes for the certificate types like RSA2048extern, RSA2048intern, but this is really a bad hack. Endpoint selection is no type information.

Assuming you have 5 endpoints and 3 certificate types this would require 15 new subtypes. This just makes no sense and we should avoid such hacks already in the 1st version of the spec. It's not too late.

My recommendation:

  • Allow to configure n certificate stores. A store consists of
    • own certificate
    • own private key
    • trust list
    • issuer list
  • Allow to configure n endpoints
  • Each endpoint can get assigned a specific store

This way (if certificate types allow it) you can create multiple endpoints which use the same store OR you can create different stores for each endpoint (let the reason be a different identity or a different trustlist configuration).

This is exactly how it works in the settings.conf of our SDK.
See attached file.

Tags: No tags attached.
Relationships

has duplicate 0003072 (closed, Randy Armstrong): Need a better way to represent multiple TrustLists/Certificates in the Push Model

Activities

Randy Armstrong (administrator), 2015-05-20 08:32, note ~0006078

Introduced the concept of CertificateGroups which combines a TrustList with a list of Certificate slots. RC 56 posted with the changes.

Jim Luth (administrator), 2015-05-26 15:56, note ~0006081

Agreed to change made in telecon.

Issue History

Date Modified | Username | Field | Change
2015-05-20 08:29 | Randy Armstrong | New Issue |
2015-05-20 08:29 | Randy Armstrong | Status | new => assigned
2015-05-20 08:29 | Randy Armstrong | Assigned To | => Randy Armstrong
2015-05-20 08:31 | Randy Armstrong | Relationship added | has duplicate 0003072
2015-05-20 08:32 | Randy Armstrong | Note Added: 0006078 |
2015-05-20 08:32 | Randy Armstrong | Status | assigned => resolved
2015-05-20 08:32 | Randy Armstrong | Resolution | open => fixed
2015-05-26 15:56 | Jim Luth | Note Added: 0006081 |
2015-05-26 15:56 | Jim Luth | Status | resolved => closed
2015-05-26 15:56 | Jim Luth | Fixed in Version | => 1.04
2015-05-26 15:57 | Jim Luth | Fixed in Version | 1.04 => 1.03