The Signer Creation process is divided into the following sections: User Identification
Signer Creation
Corresponds to the usage scenario (US2) Signer Creation, includes among others the key pair generation.
Figure 5: Sequence diagram of the Signer Creation process
|
Nr. |
Step |
Components |
Description |
|
2 Signer Creation |
|||
|
2.1 User Identification |
|||
|
2.1.1 |
The User initiates the process of being registered as Signer at the Server Signing Service by sending a request to the SSSrv/UI. |
User, SSSrv /UI |
initiateCreationOfSigner At this point the User starts performing either the use case 'New User' (eID Card) or the use case 'Existing User' (Hardware Token) and thus chooses the means of identifications used. |
|
2.1.2 |
The SSSrv/UI provides to the User the appropriate application form for registration with the Server Signing Service. |
SSSrv/UI, User |
provideApplicationForm The application form for registration is presented by the SSSrv/UI via web interface according to the performed use case. |
|
2.1.3 |
The User: fills in the application form activates the checkbox with which he declares his will for registration and reading of his personal data from the respective means of identification |
User |
fillinApplicationForm, declareWillToRegister Possible means of identification: eID Card, Hardware Token. |
|
2.1.4 |
The identification of the User is performed. |
User, SSSrv /UI |
( 21 doingIdentificationEIDCard | 22 doingIdentificationHardToken ) Sub process according to the performed use case and the used means of identifications. Input is the application form data. Results are the Application Data Record and the storage of it. |
|
2.1.5 |
The creation of an ID token for the Privileged User is performed. |
SSSrv/UI, IdP |
( 23 doingCreation OfIDTokenForPrivUser ) |
|
2.2 Signer Creation |
|||
|
2.2.1 |
The SSSrv/UI requests the SSA for the registration of a new Signer based on the determined and verified user data. |
SSSrv/UI, SSA |
requestRegistrationOfSigner |
|
2.2.2 |
The SSA checks the request for the registration of a new Signer. |
SSA |
checkRequestRegistrationOfSigner The request shall contain the signed data structure which is generated in step before. |
|
2.2.3 |
The SSA forwards the request to the SAM. |
SSA, SAM |
requestCreationOfSigner |
|
2.2.4 |
The SAM checks the request for the creation of a Signer. |
SAM |
checkRequestCreationOfSigner |
|
2.2.5 |
The SAM creates a new Signer entry. |
SAM |
createSignerEntry |
|
2.2.6 |
The SAM responds to the SSA to confirm the creation of an UM entry for the Signer. |
SAM, SSA |
confirmCreationOfSigner |
|
2.2.7 |
The SSAI responds to the SSSrv/UI to confirm the creation of the Signer. |
SSA, SSSrv /UI |
confirmCreationOfSigner |
|
2.2.8 |
The SSSrv/UI responds to the User to confirm the creation of the Signer. |
SSSrv/UI, User |
confirmCreationOfSigner |
Table 5: Step-by-step description of the process Signer Creation