CRL Dissemination


Usage and configuration instructions for this module are available in the following associated documentation: Digi-CA™RA Operation Guide.

Certificate & CRL Dissemination Services [CCDS]

The Certificate & CRL Dissemination Services [CCDS] Module is a software application that ultimately provides dissemination service for End Entity Public Key Certificates, Key Pairs and Certificate Revocation Lists.

The CCDS, in the overview of the CA core services, acts as the Dissemination Service.

From an Operating System perspective, the CCDS is a client application to the CA database server. It sustains a persistent connection to the database from where dissemination requests are loaded and subsequently served. The following table presents a general overview of the functionality the CCDS module is designed to provide.

CSP functionality overview
End Entity public key publication in LDAP directory   CRL publication in web repository
End Entity public key distribution   CRL distribution
End Entity certificate expiration notification   TSA Client notifications
Table 8.0

Public Key Certificates generated by the CSP Service Module are stored in a CA database and CCDS is responsible for distributing the certificates to End Entities and if necessary, publishing these in a certificate LDAP directory.

For distribution, CCDS primarily uses Internet mail messaging [email], where public key certificates are attached to email messages. Another common method is to notify End Entities of a specific certificate collection web access point where End Entities can collect certificates by using a web browser, which is provided as part of the Entity Registration Service.