Difference between revisions of "PKI Roles and Privileges"

From Dogtag
Jump to: navigation, search
(Created page with "== Roles and Privileges == *Privileged User Roles **Administrators, who can perform any administrative or configuration task for a subsystem. **Agents, who perform PKI manag...")
 
(No difference)

Latest revision as of 22:04, 13 August 2019

Roles and Privileges

  • Privileged User Roles
    • Administrators, who can perform any administrative or configuration task for a subsystem.
    • Agents, who perform PKI management tasks, like approving certificate requests, managing token enrollments, or recovering keys.
    • Auditors, who can view and configure audit logs.
  • Boot strap user - special user automatically created at time of installation; this bootstrap user possesses all role user privileges
  • Trusted Managers - special group used for inter-CS communication
    • CA -> KRA
    • TPS->CA, TPS->TKS
    • An RA (Registration Authority) is an extension for the CA given to an external entity that handles its own authentication and can act on behalf of the users that it governs to submit requests to the CA

non-Role users/entities

  • EE, end entity users who have no privileges in the realm of RHCS system.