work out use cases for different cert types

[JoernT]

we need a textual description with steps (user actions) to gain clarity about the different usage sceanarios.

Enduser -> request cert admin -> create VPN cert admin -> create servercert admin -> revoke cert admin -> create code-signing cert

What more? Split into single tickets?

[chakl]

See doc/primitives.md (work in progress)

[JoernT]

started working on this and added a usecase.md to docs.