====== Scenario 1.6: Set Up CRL/OCSP Infrastructure ======

<WRAP round info>
**Category:** [[.:start|PKI Infrastructure]] \\
**Complexity:** ⭐⭐⭐⭐ (Very High) \\
**Prerequisites:** [[.:intermediate_ca_erstellen|1.2 Create Intermediate CA]] \\
**Status:** ⏳ Planned
</WRAP>

----

===== Description =====

This scenario describes setting up a **Revocation Infrastructure** for Post-Quantum certificates. This includes Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP) responders.

**What is set up:**
  * CRL Distribution Points (CDP)
  * OCSP Responder with ML-DSA signing
  * Authority Information Access (AIA) Extensions

----

===== Content in Preparation =====

<WRAP round alert>
This scenario is currently being documented. The complete documentation will be available in a future version.
</WRAP>

----

===== Related Scenarios =====

^  Relationship  ^  Scenario  ^  Description  ^
| **Prerequisite** | [[.:intermediate_ca_erstellen|1.2 Intermediate CA]] | CA for CRL signing |
| **Prerequisite** | [[.:certificate_policy_definieren|1.5 Certificate Policy]] | Policy with revocation requirements |
| **Usage** | [[en:int:pqcrypt:szenarien:widerruf:start|6. Revocation]] | Revoke certificates |

----

<< [[.:certificate_policy_definieren|← 1.5 Certificate Policy]] | [[.:start|▲ PKI Infrastructure]] | [[en:int:pqcrypt:szenarien:csr:start|2. CSR →]] >>

{{tag>scenario pki crl ocsp revocation planned}}

----
//Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional//