Skip to main content

LearnProducts & Use Cases Technical Documentation Academy Resources

Anapaya appliance
Anapaya SCION CA

Processes & Workflows
Tutorials
Cookbook
- Bootstrap SCION CP-PKI
  - Checklists
    - Voting member
    - Certificate authority
  - Key storage
- Set up a monitoring host

Cookbook
Bootstrap SCION CP-PKI
Checklists
Voting member

Checklist - Voting member

Use this checklist as a voting member to prepare for a TRC signing ceremony.

Preparation

Defined where asymmetric EC private keys are stored
- Defined roles and principals that have access to the private keys for signature creation.
- Granted access through appropriate policies (principle of least privilege).
Created regular voting certificate
- Defined subject information for regular voting certificate
- Self-signed regular voting certificate with the private key using scion-pki certificate create
- Stored regular voting certificate for later use in the ceremony
Created sensitive voting certificate
- Defined subject information for sensitive voting certificate
- Self-signed sensitive voting certificate with the private key using scion-pki certificate create
- Stored sensitive voting certificate for later use in the ceremony
Test signature creation
- Created a test payload using scion-pki trc payload dummy
- Signed the test payload with regular voting key using scion-pki trc sign
- Signed the test payload with sensitive voting key using scion-pki trc sign

Ceremony

Access to environment that can run scion-pki
- scion-pki and step-kms-plugin binaries installed
- Principal has access to the private key for signing
Certificates available
- Regular voting certificate
- Sensitive voting certificate

Certificate authority

Preparation
Ceremony

Legal

Legal Notice
Impressum
Privacy Policy

More

Anapaya
Blog
News
Events & Webinars

Company

About Us
Careers
Contact

Copyright © 2025 Anapaya Systems AG. All rights reserved.