Chapter 4. The structure of OpenCA

Table of Contents
OpenCA Layout
OpenCA Terminology
Functionality of the CA Server (CAServer)
Functionality of the RA Server (RAServer)
Functionality of the RA Operators (RAOperators)

OpenCA is comprised by three type of components, the Certification Authority, the Registration Authority and the RA Operator. We shall discuss in detail these components in this chapter.

OpenCA Layout

We shall describe the CA structure as used currently in OpenCA.

Figure 4-1. Current OpenCA Layout

The Certification Authority, for security reasons and with accordance with the current layout, is recommended not to be networked. It can communicate with the Registration Authority in a manual fashion, such as using removable media.

The Registration Authority is recommended not to have direct access to the Internet but be accessed through the RA Operator.

The RA Operator constitutes the interface of OpenCA to the users and the Internet.