forked from zigbee-alliance/distributed-compliance-ledger
-
Notifications
You must be signed in to change notification settings - Fork 0
/
use_cases_pki.puml
36 lines (27 loc) · 1.03 KB
/
use_cases_pki.puml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
@startuml
!pragma teoz true
hide footbox
actor "Root Authority" as RA
actor "Zigbee Alliance Trustee 1" as T1
actor "Zigbee Alliance Trustee N" as TN
actor Vendor as V
database Ledger as L
== Add a Root Certificate ==
RA -> L: PROPOSE_ADD_X509_ROOT_CERT
RA <-> T1: Proof of privKey possession
T1 -> L: APPROVE_ADD_X509_ROOT_CERT
RA <-> TN: Proof of privKey possession
TN -> L: APPROVE_ADD_X509_ROOT_CERT
L -> L: Pending Root Certificate becomes approved\nafter receiving approval from N (or K% of) Trustees
== Add an Intermediate or Leaf Certificate ==
V -> V: A Certificate signed by the Root Certificate
V -> L: ADD_X509_CERT
L -> L: Validate certificate against the Root Certificate
== Revoke a Certificate by Trustees ==
T1 -> L: PROPOSE_REVOKE_X509_CERT
TN -> L: APPROVE_REVOKE_X509_ROOT_CERT
L -> L:the certificate and all child certificates are revoked\nafter receiving approval from N (or K% of) Trustees
== Revoke a Certificate by the owner ==
V -> L: REVOKE_X509_CERT
L -> L: the certificate and all child certificates are revoked
@enduml