Dublin Network Package Onboarding

In Dublin support is planned for verifiably authentic and genuine network packages, as well as ordinary packages.



  1. For Dublin release, issuer certificate files will be copied to a directory in the SDC onboarding container. This has to be done separately to uploading a signed package. These issuer certificates are trusted and certificates issued by their owners will be trusted when they are processed.

  2. The signed package is then uploaded as normal when creating a Vendor Software Product from a network package. The package signing certificate, latest-vendor-package.cert in the diagram, is in included in the signed package, latest-vendor-package.zip in the diagram.  SDC will validate this certificate using the trusted issuer certificates it has from item 1 above. If the package signing certificate is validated, it will then verify the signature of the package using this signing certificate.