summaryrefslogtreecommitdiffstats
path: root/design/hs_pki_templates
blob: 3196fc6c4dec4d7e006a077cf1b01c52f3a4e607 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
End user:
	End user split in:
	 - soft stored certs
	 - obfuscated certs
	 - hardware secured certs

	End user:
	 - Client certs (auth)
	 - E-mail certs (signing)
	 - Encryption

	Device:
	 - TLS certs (encr/auth)
	  * server
	  * client
	  * server+client(?)

	All above should be issued per application or generally applications should
	leverage main user certificate