Goals
The goal is to provide a reliable, secure, and timely method for certified devices to download credentials.
Background and Strategic Fit
The purpose of this use case is to provide a defined method that a certified OBE can use to download subsequent batches of credentials. The step at hand is to top up OBE identification certificates. It is similar to Step 19.3: Initial Download of OBE Identification Certificates; differences are documented in this section. Also, see Step 19.4: Schedule generation of subsequent batch of OBE identification certificates for full details of the process to schedule certificate pre-generation.
Assumptions
- The OBE has successfully completed Step 19.1: Request for OBE Identification Certificates
- The OBE has successfully completed Step 19.3: Initial Download of OBE Identification Certificates
- The RA has retrieved the issued certificates from the PCA, zipped them, and stored them in a folder for the OBE to download
Process Steps
- The OBE checks that, and if necessary waits until, the current time matches or is after the timestamp given in the .info file
- The OBE downloads the Local Policy File (LPF) and the Local Certificate Chain File (LCCF), as done before in Step 19.3: Initial Download of OBE Identification Certificates
- If there is an updated LCCF, the OBE applies all changes to its trust store (necessary for PCA certificate validation)
- If there is an updated LPF, the OBE applies those changes
- The OBE downloads the new OBE identification certificates
- The OBE downloads the .info file using the API documented in RA - Download .info File
Error Handling
- The EE will abandon further interactions with the RA after a certain number of failed communication attempts that resulted in critical errors
- The EE will not attempt to execute the certificate provisioning process if it finds itself on the latest CRL (assumes that a willful violator has not compromised the device). The device will need to execute the certification/bootstrap process again to exit a revoked state.
- The EE may terminate the certificate batch download process if sufficient storage is not available for subsequent batches
Design Notes
- See Step 19.3: Initial Download of OBE Identification Certificates for full details of the download process
- From the SCMS point of view, the basic process for "top-up" certificate downloads is the same as that used for initial provisioning as detailed in Step 19.3: Initial Download of OBE Identification Certificates. However, this is an incremental download and not a full download of all available certificate files. The number of files downloaded shall be factored into system sizing requirements.
- From the OBE's point of view, the process is slightly different from the process for initial provisioning
- The RA will record the last time an OBE established a connection. This last connection time will be used to stop pre-generating pseudonym certificates if there is no activity for a period of time.
- The RA will automatically resume pre-generating pseudonym certificates when an OBE reestablishes a connection. The new certificates will be available for download at the time specified in the .info file.
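As an added example (not SCMS project code, and not the RA API referenced above), the following Python simulation walks one OBE through the process steps, the error handling and the RA-side design notes on this page: it waits for the .info timestamp, applies an updated LCCF and LPF, downloads only the certificate files it does not already hold, refreshes its .info file, abandons the RA after repeated critical errors, refuses to provision while it is on the latest CRL, and stops when storage runs short; the simulated RA records the last connection time and pauses or resumes pre-generation accordingly. The class names, the .info contents, the thresholds MAX_CRITICAL_FAILURES and INACTIVITY_LIMIT_S, the storage budget and the fault-injection hook are assumptions made for this example.

```python
# Simulated OBE top-up round against an in-memory RA; all values constructed.
from dataclasses import dataclass, field

MAX_CRITICAL_FAILURES = 3        # assumed: abandon the RA after this many critical errors
INACTIVITY_LIMIT_S = 30 * 86400  # assumed: RA pauses pre-generation after 30 idle days


class CriticalError(Exception):
    """Communication failure that the OBE counts toward abandoning the RA."""


@dataclass
class SimulatedRA:
    """Stand-in for the RA download area (constructed for the example)."""
    lpf: dict                    # Local Policy File contents
    lccf: dict                   # Local Certificate Chain File: {name: cert-as-hex}
    cert_files: dict             # {zip filename: bytes} in the batch now available
    next_info_time: int          # timestamp the fresh .info file will announce
    last_connection: int = 0
    pregenerating: bool = True
    failures_to_inject: int = 0  # constructed fault injection for the demo

    def connect(self, now: int) -> None:
        if self.failures_to_inject > 0:
            self.failures_to_inject -= 1
            raise CriticalError("simulated transport failure")
        self.last_connection = now   # design note: RA records the last connection time
        self.pregenerating = True    # design note: pre-generation resumes on reconnect

    def housekeeping(self, now: int) -> None:
        """Design note: stop pre-generating after a period of no activity."""
        if now - self.last_connection > INACTIVITY_LIMIT_S:
            self.pregenerating = False

    def info_file(self) -> dict:
        return {"next_batch_time": self.next_info_time}


@dataclass
class OBE:
    trust_store: dict = field(default_factory=dict)
    policy: dict = field(default_factory=dict)
    certs: dict = field(default_factory=dict)   # zip filename -> bytes already held
    free_storage: int = 10_000                  # assumed byte budget for certificates
    next_batch_time: int = 0                    # from the .info file downloaded last time
    critical_failures: int = 0

    def top_up(self, ra: SimulatedRA, now: int, crl: set, my_id: str) -> str:
        """One top-up attempt; returns a short outcome token."""
        if my_id in crl:                        # on the latest CRL: do not provision
            return "revoked"
        if self.critical_failures >= MAX_CRITICAL_FAILURES:
            return "abandoned"                  # no further interaction with this RA
        if now < self.next_batch_time:          # wait for the .info timestamp
            return "not_yet"
        try:
            ra.connect(now)
        except CriticalError:
            self.critical_failures += 1
            return "abandoned" if self.critical_failures >= MAX_CRITICAL_FAILURES else "retry"
        if ra.lccf != self.trust_store:         # updated LCCF: apply changes to trust store
            self.trust_store = dict(ra.lccf)    # LCCF treated as authoritative (assumption)
        if ra.lpf != self.policy:               # updated LPF: apply policy changes
            self.policy = dict(ra.lpf)
        for name, blob in ra.cert_files.items():   # incremental: skip files already held
            if name in self.certs:
                continue
            if len(blob) > self.free_storage:   # may terminate when storage is short
                return "storage_exhausted"
            self.certs[name] = blob
            self.free_storage -= len(blob)
        self.next_batch_time = ra.info_file()["next_batch_time"]  # fresh .info file
        self.critical_failures = 0
        return "ok"


def demo() -> dict:
    """Run the scenarios and return their outcomes (constructed values throughout)."""
    crl = {"obe-revoked"}
    ra = SimulatedRA(lpf={"version": 2}, lccf={"pca-1": "aa11"},
                     cert_files={"batch-2-week01.zip": b"\x01" * 100,
                                 "batch-2-week02.zip": b"\x02" * 100},
                     next_info_time=2_000, failures_to_inject=1)
    obe = OBE(trust_store={"pca-0": "0000"}, next_batch_time=1_000,
              certs={"batch-1-week52.zip": b"\x00" * 100})
    out = {"early": obe.top_up(ra, 500, crl, "obe-42")}        # before the .info time
    out["first"] = obe.top_up(ra, 1_000, crl, "obe-42")        # injected failure
    out["second"] = obe.top_up(ra, 1_001, crl, "obe-42")       # succeeds
    out["new_files"] = sorted(n for n in obe.certs if n.startswith("batch-2"))
    out["trust_anchors"] = sorted(obe.trust_store)
    out["next_info"] = obe.next_batch_time
    out["storage"] = OBE(free_storage=150).top_up(ra, 1_001, crl, "obe-43")
    out["revoked"] = OBE().top_up(ra, 1_001, crl, "obe-revoked")
    ra.housekeeping(1_001 + INACTIVITY_LIMIT_S + 1)
    out["pregen_after_idle"] = ra.pregenerating
    ra.connect(1_001 + INACTIVITY_LIMIT_S + 2)
    out["pregen_after_reconnect"] = ra.pregenerating
    ra2 = SimulatedRA(lpf={}, lccf={}, cert_files={}, next_info_time=0, failures_to_inject=3)
    obe2 = OBE()
    out["abandon_sequence"] = [obe2.top_up(ra2, 5, crl, "obe-44") for _ in range(4)]
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running the file prints one line per scenario. The outcome tokens returned by top_up are the point of interest: the OBE does not contact the RA before the .info timestamp, counts a transport failure toward abandonment but clears the counter on success, only adds the batch-2 files it did not already hold, and stops on the second file when the storage budget is too small; the RA side shows pre-generation being paused by housekeeping after the inactivity limit and resumed by the next connection.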