titan-x / titan

Messaging server with mobile and browser support.
MIT License

Use CSR for client certs #57

Closed soygul closed 8 years ago

soygul commented 8 years ago

Rather than generating a certificate for the user, we can expect to get a certificate request, validate it to see if it has the correct fields set, and sign and return it so users can use it to encrypt sensitive messages between themselves, leaving the server no way of deciphering the messages (though this has other challenges as to how one user would trust the authenticity of another user without trusting the CA).

It can also be nice for the user to cipher his/her messages before sending them to the server for storage. However, this makes multi-device a problem (how to handle different devices with different certs?). Also, we would still need to store the public key (at least the serial of the cert) for CRLs.
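
The issuance flow proposed above (receive a CSR, validate its fields, sign it, return the certificate), as an added Go example that is not part of titan or neptulon: it assumes the server has already authenticated the requesting user by other means (the `user` argument) and holds an ECDSA CA; `issueClientCert` and `newCA` are names invented for this example.

```go
package main
import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"math/big"
	"time"
)
// issueClientCert validates a DER-encoded CSR and, if acceptable, returns a DER client certificate signed by the server CA.
func issueClientCert(csrDER []byte, user string, ca *x509.Certificate, caKey *ecdsa.PrivateKey) ([]byte, error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return nil, err
	}
	if err := csr.CheckSignature(); err != nil { // proof of possession: CSR must be self-signed by the key it carries
		return nil, err
	}
	// Field check: the CN must be the already-authenticated user and no SANs may be requested; CSR extensions are ignored.
	if csr.Subject.CommonName != user || len(csr.DNSNames)+len(csr.EmailAddresses)+len(csr.IPAddresses) != 0 {
		return nil, errors.New("CSR rejected: CN must equal the authenticated user and no SANs are allowed")
	}
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
	if err != nil {
		return nil, err
	}
	// The server alone decides the issued fields: end-entity only, client-auth usage, one-year validity.
	tmpl := &x509.Certificate{SerialNumber: serial, Subject: pkix.Name{CommonName: user}, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(365 * 24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	return x509.CreateCertificate(rand.Reader, tmpl, ca, csr.PublicKey, caKey)
}
// newCA builds a throwaway ECDSA CA for this example; a real server would load its CA key and cert from storage.
func newCA() (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "example CA"},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageCertSign, BasicConstraintsValid: true, IsCA: true}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	ca, err := x509.ParseCertificate(der)
	return ca, key, err
}
```

The client's private key never leaves the device; the server only ever sees the public key inside the CSR, which is what makes the end-to-end encryption idea above possible.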

soygul commented 8 years ago

Moved: https://github.com/neptulon/neptulon/issues/41