= Proposal for a (future) evolution of Possum Software =

 . The scope is the Protocol and Software Suite of the Signing Server.
 . At the moment, this is assumed not to change from the current suite.
 . Future enhancements to the Protocol would see a re-engineering, as suggested by the requirements in [[Possum]].
 . The current suite could be improved for footprint and security.
 . See
 . [[Possum]] for main information
 . [[Technology/Laboratory/Software/Possum]] for the developed design scope of the Software (this page)
 . [[Technology/Laboratory/Hardware/Possum]] for the developed design scope of the Hardware
 . [[Brain/Study/Possum/Hardware]] for the ongoing project concept

== Requirements ==

=== Software ===

 . - Capable of digital signing
 . - Signing of keys to make certs
 . - Basic checks over certs
 . - Signing of revocations to make CRLs or OCSP
 . - Keeps logs of all requests received and handled
 . - Delivers logs on request
 . - Offloading and deletion of logs
 . - Protocol driver
 . - Handles all requests
 . - Handles restart / loss of sync or somesuch
 . - Management access
 . - Logging of management access, commands issued

=== Protocol ===

 . - Certificate operations
 . - Certificate signing
 . - Certificate revocation
 . - Roots are multiple and hierarchical
 . - Serial number control? Who is responsible, caller or server?
 . - Capable of layering over different packet networks.
 . - Request-response model
 . - Simple layout
 . - Some Management requests
 . - Timesync
 . - Vital statistics request
 . - Highly reliable
 . - survives loss of communication
 . - Syncing / reset
 . - Simple layout
 . - Not readable text
 . - Capable of multiple implementations, including basic-to-oo.

=== Management Interface ===

 . All of these features are as required by the rest of the design.
 . - Create roots or load up roots
 . - Check status of logs
 . - Check vital statistics
 . - Debug
 . - Backup / offload