PKI Update Actions

When initiating a credential update, ActivID CMS uses the action parameter to specify the type of update to perform.

When ActivID CMS invokes the updateCredential() method, the action parameter format is always represented by a lowercase, hierarchical, and dot-notated list.

The following is a list of valid values for the action parameter:

• pki.renew—indicates that the update action needs to reset the expiration date of the credential as indicated (pki.renew).

• pki.rekey—indicates that the update action needs to regenerate the key pair or accept a new public key (where the key pair is generated by the end-entity) for the Credential re-key.

• recover—indicates that the credential is to be recovered.

The identifying information normally provided by the certificate must be present in the credential if it is to recover an escrowed private key using only the credential as input. It is responsibility of ActivID CMS to persist the credentials with other device content information.