About Smart Data Bridge

The Smart Data Bridge enables outside applications to push revocation status for individual certificates to a Validation Authority (VA).

This allows the VA to obtain updated revocation status information more frequently than a Certificate Authority publishes Certificate Revocation Lists (CRLs).

When the Smart Data Bridge detects new information, it pushes the updated information to the VA. The VA can then include this information in OCSP responses and pre-generated OCSP response lists.

System Overview

Important:

Prior to operation, the Authority must be configured with the certificate issuers that it will support.

In order for the Smart Data Bridge to send updates to the ActivID Validation Authority, the Credential Update Interface must be enabled and properly configured. The Credential Update Interface receives the XML messages sent by the Smart Data Bridge and processes the requested changes. For details, refer to the documentation supplied with your ActivID Validation Authority product(s).

The Smart Data Bridge scans for new CRL entry files or XML files to determine whether there are any changes in certificate revocation status. When new files are found, the Smart Data Bridge pushes these changes to one or more ActivID Validation Authorities.

The Smart Data Bridge Architecture is shown below:

  • HID Global components:

    • Validation Authority: The Validation Authority.

    • Smart Data Bridge: Periodically checks to determine if certificate revocation status changes are available and sends the updated information to the Validation Authority.

  • Other PKI components:

    • Certificate Authority (CA): Signs and publishes certificates and CRLs based on information provided by an Issuer or Registration Authority. The CA also provides the certificate to the credential issuer, where appropriate.

    • XML Export: Produces records of individual certificate revocation in an XML format defined by HID Global and saves them as files on a local hard drive to be retrieved by the Smart Data Bridge.

Note: The main purpose of the Smart Data Bridge is to set the status of a revoked certificate in the VA database; however, it also uploads the valid certificate to the VA database. The respective templates to upload a valid and a revoked certificate are attached in the Simple Privilege Message Example.
