Info |
---|
This article is valid for Smart ID Identity Manager 24.R1 or later. |
...
The engine’s descriptors are the following:
Descriptor | Description |
---|---|
encryptedFields | Encryption and decryption of fields in the Identity Manager database |
configZipEncrypter | Encryption of the configuration files |
configZipSigner | Signing and validation of the configuration files |
objectHistorySigner | Signing and verification of the object history |
signEmailDescriptor | Signing of emails |
hermodDeviceEnc | Creation of device encryption certificates that are used in Smart ID messaging |
SelfServiceJWTSigner | Authentication of Smart ID Self-Service users to the Identity Manager backend |
ContentProviderJWSSigner | Creation of JWS signatures used for Smart ID messaging content provider API |
idopteAuthentication | Initial handshake with Idopte client-side middleware |
insideClientAuth | Authentication to the IN Groupe Inside Server |
att_* | Attestation for provisioning to Smart ID Mobile / Desktop Apps |
(arbitrary name) | Decryption of PIN blobs from pre-personalized smart-cards created with the Personal Desktop Client |
Each descriptor is described in detail in the sections below, including the requirements for bootstrapping it.
EncryptedFields
Info |
---|
Descriptor included in the default configuration. Correct bootstrapping is required for production use. Only development and test systems may use placeholders (for example, created with the bootstrap.zip package or the corresponding Docker container). |
...