Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-5175

Support for delegated key pair generation

    Details

    • Type: Epic
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
    • Epic Name:
      Support for delegated key pair generation
    • Issue discovered during:
      Another issue
    • Sprint:
      6.9.0 Sprint 3

      Description

      Delegated key pair generation

      • offloads the CA service provider
      • allows peer RA machines to keep escrowed keys "in house" while connected to an external CA service provider

      The goal would be to allow a key pair generation (and optional escrow) to take place where this is authorized.

      The RA in this case should not blindly trust the CA, so the CA could fool the RA into sending private keys upstream unless this is desired.

        Attachments

        1. delegated_key_get_v000.dia
          4 kB
        2. delegated_key_get_v000.png
          delegated_key_get_v000.png
          77 kB
        3. flowchart
          3 kB
        4. flowchart.png
          flowchart.png
          82 kB
        5. Flowchart for Key Revovery
          3 kB
        6. Flowchart for Key Revovery.png
          Flowchart for Key Revovery.png
          76 kB
        7. IMG_0879.JPG
          IMG_0879.JPG
          1.46 MB
        8. IMG_20170403_125724.jpg
          IMG_20170403_125724.jpg
          103 kB
        9. IMG_20170425_140106.jpg
          IMG_20170425_140106.jpg
          2.44 MB
        10. IMG_3271.JPG
          IMG_3271.JPG
          1.83 MB
        11. IMG_5600.JPG
          IMG_5600.JPG
          1.66 MB
        12. IMG_8956.JPG
          IMG_8956.JPG
          1.67 MB

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              johan Johan Eklund
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Draw.io Diagrams

                  – Flowchart for Key Revovery
                  – flowchart