dulcep

Implement distribution of CA from Membership Services accross different servers

8

Consider splitting the CAs to allow them to be distributed across different servers / ports, and potentially add local admin interfaces. This allows to have each CA running on a...

Incorporate logging with different granularities

1

Implement different log granularity for different parts of the CA (ECA, TCA, TLSCA)

Separation of transaction creation and generation of TCerts

11

Eliminate TCert generation in the middle of a transaction creation. i.e. avoid calling the TCA in the middle of a transaction in order to request the generation of a batch...

Generation of keys used to encrypt EnrollmentID and Attributes

1

Generation of TCerts needs to include the generation of keys to encrypt EnrollmentID and attributes, such keys must be unique per TCert. Related to #888

Incorporation of EnrollmentID into TCerts

2

Currently TCert structure does not include “EnrollmentID”. Encrypted EnrollmentID need to be added to the TCert. They are encrypted to support privacy and un-linkability.