Sie befinden sich hier: start » en » Internal Documentation » WvdS Crypto Library » 6. Scenarios

6. Scenarios

Categories: 12 Developer + 6 Operator
FFI Functions: ~420
Target Audiences: Developers, Administrators, Operators

Complete task scenarios for post-quantum cryptography. Separated by target audience: Developer (API-focused, C#) and Operator (day-to-day operations, runbooks, bash/PowerShell).

Overview of All Categories

flowchart TB subgraph SETUP["SETUP"] K1["1. PKI Infrastructure"] K2["2. CSR"] K3["3. Issue Certificates"] end subgraph MANAGE["MANAGEMENT"] K4["4. Manage Certificates"] K5["5. Validation"] K6["6. Revocation"] end subgraph CRYPTO["CRYPTOGRAPHY"] K7["7. Encryption"] K8["8. Signatures"] K9["9. Authentication"] end subgraph INFRA["INFRASTRUCTURE"] K10["10. TLS/mTLS"] K11["11. Key Management"] K12["12. Import/Export"] end K1 --> K2 --> K3 K3 --> K4 K4 --> K5 & K6 K1 --> K11 K3 --> K10 K8 --> K9 style K1 fill:#e8f5e9 style K5 fill:#e3f2fd style K10 fill:#fff3e0

Scenario Categories

Cat. Title Description Scenarios Status
1 PKI Infrastructure Root CA, Intermediate CAs, Trust Stores 6 In Progress
2 Certificate Requests (CSR) Create, sign, process CSRs 4 In Progress
3 Issue Certificates Server, client, code signing certificates 5 In Progress
4 Manage Certificates Renewal, re-key, export, archiving 4 In Progress
5 Validation & Trust Chain validation, revocation check 5 In Progress
6 Revocation CRL, OCSP, Delta-CRL 4 In Progress
7 Encryption Hybrid encryption, key encapsulation 3 In Progress
8 Digital Signatures Documents, code, timestamps 4 In Progress
9 Authentication mTLS, client auth, SSO 3 In Progress
10 TLS/mTLS Communication Server setup, client config 4 In Progress
11 Key Management Generation, rotation, destruction 5 In Progress
12 Import/Export PEM, PFX, PKCS#7, interoperability 4 In Progress

Industry-Specific Notes

Industry-specific requirements (energy, healthcare, automotive, industry) are documented within the relevant scenarios, not as a separate structure.

Example: Scenario „1.1 Create Root CA“ contains notes for:

  • Energy: 25-year certificates for wind turbine lifespan
  • Healthcare: gematik-compliant OIDs
  • Automotive: V2X-PKI compatibility

Regulatory compliance documentation: → Compliance

Quick Reference

Quick Start:Quick Reference
Compact code examples without details. For a quick overview.

Operator Scenarios

For Sysadmins & DevOps:Operator Scenarios
Runbooks, checklists, bash/PowerShell scripts for operational tasks.

Category Description Scenarios
Day-to-Day Operations Issue, renew, revoke certificates, health check 4
Automation ACME, CI/CD signing, cert-manager, scheduled renewal 4
Monitoring Expiry monitoring, CRL/OCSP check, audit logging, alerting 4
Migration Classic→Hybrid, parallel operation, rollback, inventory 4
Disaster Recovery CA backup/restore, key ceremony, emergency revocation 3
Cloud Integration Azure Key Vault, AWS KMS, HashiCorp Vault 3

Quick Start

Typical starting point for new PKI:

  1. 1. PKI Infrastructure → Build Root CA + Intermediate
  2. 2. CSR → Requests for end-entity certificates
  3. 3. Issue Certificates → Server/client certificates
  4. 5. Validation → Implement chain verification
  5. 6. Revocation → Set up CRL/OCSP

Further Reading

Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional

, , ,
Zuletzt geändert: on 2026/01/29 at 11:37 PM

Seiten-Werkzeuge