Service Interfaces - Netscape MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR Administrator's Manual

System Architecture
responder only takes OCSP request format, while a DRM does not provide any
end-entity services. The client applications used to access this entry point must
have the capability to act as an SSL client. A common client application is a
browser such as the Netscape browser.
• Agent Entry Point—provides entry point for agent interface and
inter-CIMC_Boundary interface. A set of customizable HTML forms are
provided at this port for CA, RA, and DRM agent users to perform agent tasks.
The client applications used to access this entry point must have the capability
to act as an SSL client. A common client application is a browser such as the
Netscape browser.
• Administrators Entry Point—provides entry point for administration
configuration interface, and for auditor's audit log viewing. The client
applications used to access this entry point must have the capability to act as an
SSL client. A common client application is bundled with the CMS product is
Netscape Console, a java application that provides a GUI interface and
understands the protocol provided by the CMS Administration Interface.

Service Interfaces

Each of the subsystems contains interfaces allowing interaction with various
portions of the subsystem. All four subsystems share a common administrative
interface. All four subsystems have an agent interface that allows for agents to
perform the tasks assigned to them. A CA Subsystem and an RA Subsystem have
an end-entity services interface allowing end entities to enroll in the PKI. An OCSP
responder subsystem has an end-entity services interface allowing end entities and
applications to check for current certificate revocation status
While the HTTP Engine provides the connection entry points, CMS completes the
interfaces by providing the servlets specific to each interface.
End-Entity Services Interface
For the CA subsystem and RA subsystem, the end-entity interface provide JAVA
servlets to process HTML form submissions coming from the end-entity entry
point. Based on the information received from the form submissions, the end-entity
servlets allow end entities to enroll, renew certificates, revoke their own
certificates, and pick up issued certificates. The OCSP responder subsystem's
end-entity interface provides JAVA servlets to accept and process OCSP requests.
The DRM subsystem does not offer any end-entity service.
60 Netscape Certificate Management System Administrator's Guide • February 2003