use_cases_device_off_ledger_certification.puml

@startuml
!pragma teoz true
hide footbox

actor Vendor as V
actor "ZigBee Certification / Test House" as ZB
actor User as U
entity Device as D
database Ledger as L

note over V, L
In this case Device Certification is done off Ledger:
- Device has a certification result blob when issued
- Ledger doesn't have (need to have) certification result for every device (model)
- Ledger is used to track information about revoked certifications (as transactions)
- Device's revocation needs to be checked on Ledger

The Ledger is also used as a PKI.
end note

note over L
Setup PKI (see XXX):
- Root Certificate `RootCert`
- Vendor Certificate `VendorCert(vid. pid)`
- ZigBee Certification/TestHouse Certificate `ZBTestHouseCert`
end note

== 1. Setup Model Info ==
V -> L: ADD_MODEL_INFO(vid, pid)

== 2. Issue Device ==
D -> D: generate `privKey` and `pubKey`
D -> D: X509 Device Cert `DeviceCert(vid,pid)`\nwith `pubKey`, `vid`, `pid`
V -> D: Sign `DeviceCert` by `VendorCert(vid,pid)`
ZB -> V: Attest certification of `vid` and `pid` (Cert Blob)\nsigned by `ZBTestHouseCert`
V -> D: store `CertBlob(vid, pid)` on device

== 3 Revoke Device Compliance (Optional) ==
ZB -> L: REVOKE_MODEL_CERTIFICATION(vid, pid)

== 4. Use Device ==
U <- D: Get `DeviceCert(vid, pid)`
U <- D: Get Cert Blob
U <-> D: Verify proof of privKey possession
U <-- L: GET_X509_CERT / GET_ALL_X509_ROOT_CERTS\n or GET_ALL_X509_CERTS / GET_ALL_X509_CERTS_SINCE\nor GET_CRL\nupdate cache if needed
U -> U: Verify `DeviceCert(vid, pid)` signature
U -> U: Verify `CertBlob(vid, pid)` signature
U -> U: Verify that `DeviceCert`'s `pid` and `vid`\nequals to `VendorCert`'s `pid` and `vid`\nequals to Cert Blob's `pid` and `vid`
U <-- L: GET_REVOKED_MODEL(vid, pid)\nor GET_VENDOR_REVOKED_MODELS(vid)\n or GET_ALL_REVOKED_MODELS / GET_ALL_REVOKED_MODELS_SINCE\nupdate cache if needed
U -> U: Verify that Cert Blob is not revoked
U -> D: Start using Device



@enduml