Goals

The goal is to revoke a PCA certificate from the SCMS.

Background and Strategic Fit

The Technical Component of the SCMS Manager (or a local ICA Manager) determines that a Pseudonym Certificate Authority (PCA) needs to be revoked.

Procedure

  • The Technical Component of the SCMS Manager (TCotSCMSM) contacts the CRL Generator (CRLG) and adds the certificate of the impacted PCA to the CRL. On receipt of the new CRL, all components will cease to trust pseudonym certificates issued by the PCA.
  • The local ICA Manager will contact any RA that was configured to use the impacted PCA and instruct it to send new pseudonym certificate requests to a different PCA, or the local ICA Manager will stand up a new PCA (see the Add PCA use case).
  • The LAs that share a secret key with the impacted PCA will delete the shared key and await configuration information from the local ICA Manager to establish a key with a new PCA.
  • All end-entity devices whose pseudonym certificates were signed by the revoked PCA should obtain a new batch of pseudonym certificates as soon as possible (the SCMS Manager may set performance requirements for how quickly this must happen). If they have certificates from other non-revoked PCAs for the current time period, they may continue to operate using those certificates until a replacement batch can be downloaded.
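The device-side rule in the last step can be sketched as follows. This is an added example, not code from the SCMS specification or its implementation; it assumes a simplified certificate store in which the issuing PCA and the validity time period are plain fields, and all names (`PseudonymCert`, `apply_pca_revocation`, the `PCA-A`/`PCA-B` identifiers) are hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class PseudonymCert:
    cert_id: str
    issuer_pca: str   # identifier of the issuing PCA certificate (simplified)
    period: int       # index of the validity time period (simplified)

def apply_pca_revocation(store, revoked_pcas, current_period):
    """Split a device's certificate store after a CRL lists revoked PCAs."""
    revoked = set(revoked_pcas)
    trusted = [c for c in store if c.issuer_pca not in revoked]
    distrusted = [c for c in store if c.issuer_pca in revoked]
    # Certificates from non-revoked PCAs for the current period stay usable.
    usable_now = [c for c in trusted if c.period == current_period]
    # Current or future periods that lost every certificate need replacements.
    covered = {c.period for c in trusted}
    lost = {c.period for c in distrusted if c.period >= current_period}
    return {
        "usable_now": usable_now,
        "distrusted": distrusted,
        "can_operate": bool(usable_now),
        "needs_new_batch": bool(distrusted),
        "uncovered_periods": sorted(lost - covered),
    }

# Constructed sample data: one device store and a CRL naming one PCA.
SAMPLE_STORE = [
    PseudonymCert("c1", "PCA-A", 10),
    PseudonymCert("c2", "PCA-A", 10),
    PseudonymCert("c3", "PCA-B", 10),
    PseudonymCert("c4", "PCA-A", 11),
    PseudonymCert("c5", "PCA-B", 12),
]
SAMPLE_CRL = ["PCA-A"]

if __name__ == "__main__":
    result = apply_pca_revocation(SAMPLE_STORE, SAMPLE_CRL, current_period=10)
    print("usable now:", [c.cert_id for c in result["usable_now"]])
    print("distrusted:", [c.cert_id for c in result["distrusted"]])
    print("can operate:", result["can_operate"])
    print("request new batch:", result["needs_new_batch"])
    print("periods without certificates:", result["uncovered_periods"])
```
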

Assumptions

  • All RAs will destroy any stored batches of pseudonym certificates proactively generated by the impacted PCA.
  • Any misbehavior investigations that relied on the PCA will be stopped.
