Improve definition of certificate generation service

Vertical Standard Comment

Please complete the below fields. Further instructions can be found in the repositories README.md Do not forget to add a Label, using the sidebar on the right.

Standard Version (see README.md for info):

V0.0.5

Line Number:

Clause/Subclause:

4.2

Paragraph/Figure/Table:

Comment:

The definition of F.Certificate generation service excludes a mode of operations that may be required by its use case. Specifically, CA keys and certificates may need to be imported rather than generated. I would simplify the definition and put the details into a note, numbered 3.5 below to indicate position without changing all other note numbers.

Proposed Changes:

F.Certificate generation service: manages the CA keys and certificates; creates and signs subject certificates based on the identity and other attributes verified by the registration service; and passes the signed certificates to the dissemination service.

NOTE 3.5: Managing CA keys may include generation of CA keys as well as import and export functions for such keys. At least one of the generation and import functions shall be supported.