Releases
The DigiCert® Software Trust Manager release feature offers key security by confining their use to specific approved timeframes, sometimes referred to as "release windows." Within these defined timeframes, you have comprehensive control over keypairs, authorized users that can sign, and the maximum allowable signatures.
When you assign an offline key to a release, you can only sign with that key during the release window. In contrast, when you assign an online key to a release, you have more flexibility because online keys can be used to sign inside or outside of a release window.
When you sign with an online keypair that is associated with a release, all of the following factors must apply for your signatures are associated with the release:
The keypair associated with the release has "restricted" status and the user is mapped to the keypair or the keypair associated with the release has an "open" status.
User is listed as a participant of the release.
User has sign permission.
User uses the online keypair assigned to the release to sign within the release timeframe.
Anmerkung
A keypair can only be assigned to one release at a time.