This module may provides the following features :
- Storage of trusted certificates
- Storage of private certificates
- Verification of Certificate chain
- Creation of Root CA
- Signature of CR
- Association of Certificates with XWikiUsers
- CRL support (verify/provide)
The features will be accessible through a scripting service, complementing the current crypto script service. Storage of certificate should be plug-able, providing storage either in the DB or the FS, and being open to extensions.
The minimal implementation should be able to verify that a given certificate is trusted against a given list of trusted certificates. It will be used by the signed scripts feature to manage trusted certificate for signatures.