Interim key-storage

The purpose of the interim key-storage is to get online with a temporary AB for the early-adopting participants of the Mobile Ticket Specifications. This is not a complete AB, as we believe there are more functions to come. The API is based on the same principles as the coming API specs from the project, but the permanent solution will be more detailed.

The interim solution for key storage is divided into two parts:

  • The key storage, where everyone can fetch the keylist from an open URL: http://api.mobileticket.se/keylist. The keylist is updated every 5 minutes.
  • The key handling, in which a client with a PID can publish or remove public keys via e-mail.

 

Key-management

Overview

In the interim key-management mechanism, keys are published to and removed from the keylist via preformatted, signed e-mails to the AB.

Each Participant (with an assigned PID) can take part in the key-management after a "hand shake" in which the Participant physically delivers, to a delegate of the AB, the public component of the key used for signing the key-management e-mails.

The key-management key will be verified with a signed message in return to the Participant.

The keys shall be delivered within a JWS according to mts4, but as specified here.

Key management requests are sent via e-mail to keyhandling@mobileticket.se. After the content of an e-mail has been successfully authenticated, the key information is subject to a manual check and then imported into the key management system.

After a successful import, the system will send a confirmation e-mail to the predefined recipient of the Participant.

All transactions will be logged.
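
The authentication step described above, sketched as an added example (not code from the project or the AB): a compact JWS request is accepted only if it verifies under the key registered for its PID at the hand shake. The RS256 algorithm, the payload fields `pid`, `action` and `kid`, the PID value and the demo key are all assumptions, since this page does not specify them.

```python
import base64, hashlib, json

# DigestInfo prefix for SHA-256 in PKCS#1 v1.5 signatures (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64u_dec(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64u_enc(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def emsa(msg, k):
    """EMSA-PKCS1-v1_5 encoding of msg for a k-byte modulus."""
    t = SHA256_PREFIX + hashlib.sha256(msg).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def verify_request(jws, registered):
    """Return the payload if the JWS verifies under the key registered for
    its PID at the hand shake; return None for anything else."""
    try:
        h, p, s = jws.split(".")
        header, payload = json.loads(b64u_dec(h)), json.loads(b64u_dec(p))
        if header["alg"] != "RS256":       # pin the algorithm: no "none", no downgrade
            return None
        n, e = registered[payload["pid"]]  # key comes from the registry, never the e-mail
        sig = b64u_dec(s)
    except (ValueError, KeyError, TypeError):
        return None
    k = (n.bit_length() + 7) // 8
    if len(sig) != k or int.from_bytes(sig, "big") >= n:
        return None
    em = pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big")
    return payload if em == emsa(f"{h}.{p}".encode(), k) else None

# Constructed demo key built from two Mersenne primes: insecure, present only
# so the example can sign a sample request offline.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def sign_demo(payload):
    h = b64u_enc(json.dumps({"alg": "RS256"}).encode())
    p = b64u_enc(json.dumps(payload).encode())
    k = (N.bit_length() + 7) // 8
    s = pow(int.from_bytes(emsa(f"{h}.{p}".encode(), k), "big"), D, N)
    return f"{h}.{p}.{b64u_enc(s.to_bytes(k, 'big'))}"

REGISTERED = {"PID-0001": (N, E)}   # hypothetical PID -> (modulus, exponent)
publish = sign_demo({"pid": "PID-0001", "action": "publish", "kid": "demo-1"})
remove = sign_demo({"pid": "PID-0001", "action": "remove", "kid": "demo-1"})
```

A request that returns a payload here would still go to the manual check before import; one that returns `None` is rejected without revealing which check failed.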
