Introduction:

implement PKI.

Programming task $($functionality$)$:

implement a CA$,$ Entity, and Relying Party.

Roles in PKI:

CAs $-$ issue certificates to other entities. When issuing a certificate, a CA has no need to verify the

identity of the entity being certified. A CA can also issue a certificate to an entity making them a CA themselves

Entities $-$ Sign objects using their secret keys

Relying parties $-$ given an object and cert chain, know to check object is valid.

Implement a CA$,$ an Entity with a certificate from a CA and a Relying Party that knows to verify objects signed by your entity. Objects should be serializable for signing purposes $($an entity signs the serialization

of the object$).$

Make sure that the certs issued by your CA include validity dates. Additionally design and implement a revocation mechanism for certificates.

Programming task $($security$)$

A CA never sees an entity's secret key. A certificate includes validity dates.

You may use this library for encryption and verification.

Guidelines:

code in Python along with a pdf design document.

In the design locument describe the architecture you built and how it satisfies the above requirements. Make sure to explain your API and include a sample main to run the three entities.