Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-5175

Support for delegated key pair generation

    Details

    • Type: Epic
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
    • Epic Name:
      Support for delegated key pair generation
    • Issue discovered during:
      Another issue
    • Sprint:
      6.9.0 Sprint 3

      Description

      Delegated key pair generation

      • offloads the CA service provider
      • allows peer RA machines to keep escrowed keys "in house" while connected to an external CA service provider

      The goal would be to allow a key pair generation (and optional escrow) to take place where this is authorized.

      The RA in this case should not blindly trust the CA, so the CA could fool the RA into sending private keys upstream unless this is desired.

        Attachments

        1. delegated_key_get_v000.dia
          4 kB
          Johan Eklund
        2. delegated_key_get_v000.png
          77 kB
          Johan Eklund
        3. flowchart
          3 kB
          Mike Agrenius Kushner
        4. flowchart.png
          82 kB
          Mike Agrenius Kushner
        5. Flowchart for Key Revovery
          3 kB
          Mike Agrenius Kushner
        6. Flowchart for Key Revovery.png
          76 kB
          Mike Agrenius Kushner
        7. IMG_0879.JPG
          1.46 MB
          Mike Agrenius Kushner
        8. IMG_20170403_125724.jpg
          103 kB
          Tomas Gustavsson
        9. IMG_20170425_140106.jpg
          2.44 MB
          Tomas Gustavsson
        10. IMG_3271.JPG
          1.83 MB
          Mike Agrenius Kushner
        11. IMG_5600.JPG
          1.66 MB
          Mike Agrenius Kushner
        12. IMG_8956.JPG
          1.67 MB
          Mike Agrenius Kushner

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              johan Johan Eklund
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Draw.io Diagrams

                  – Flowchart for Key Revovery
                  – flowchart