EEs use this service to download a local certificate chain file.
PORT | 8892 |
---|---|
PATH | /download/local-certificate-chain |
HTTP Method | GET |
HTTP Request Body | Empty |
HTTP Request Headers |
Optionally, the request may include the standard HTTP Header 'If-None-Match' containing the file name of the local certificate chains file that the EE currently possesses, excluding any path. For example: If-None-Match: "local_certificate_chains_01_03.oer" This is used to prevent the same file from being downloaded by the device multiple times. |
HTTP Response Body | File containing the local certificate chains
represented by an OER encoded ASN.1 serialized ScopedLocalCertificateChainFile.
The file name returned is of the form:
local_certificate_chains_<X>_<Y>.<Z> Where:
OR An HTTP code of 304 (Not Modified), if the provided file name in the 'If-None-Match' header matches the current version available on the RA server. |
Preconditions
None
Postconditions
- Returned file contains SCMS certificates chains that the device will use
Error Handling
See "RA-EE Errors" in Overview of Used Error Codes
Quality of Service
Estimated values are per logical unit, meaning multiple individual nodes can contribute to achieve the desired level of service. The number of vehicles that potentially invoke this service in a week is a function of the number of years in service:
Quality Metric
|
Rationale
|
1 Year
|
3 Years
|
5 Years
|
10 Years
|
---|---|---|---|---|---|
Throughput |
Assuming half of all new cars plus all existing vehicles need to download local certificate chain file in the same week. |
8,500,000 new vehicles / 604,800 seconds/week = 14 requests / second |
(8,500,000 new vehicles + 34,000,000 existing vehicles) / 604,800 seconds/week = 70 requests / second |
(8,500,000 new vehicles + 68,000,000 existing vehicles) / 604,800 seconds/week = 126 requests / second |
(8,500,000 new vehicles + 153,000,000 existing vehicles) / 604,800 seconds/week = 267 requests / second |
Quality of Protection
- RA protects access with HTTPS (TLS V1.2)
- Supports at a minimum OpenSSL cipher suite ECDHE-ECDSA-AES128-SHA256