From 6f8ac9818cd186efb661d6dbc4a91963ff209696 Mon Sep 17 00:00:00 2001
From: Jan Dittberner <jandd@cacert.org>
Date: Fri, 2 Dec 2022 13:28:10 +0100
Subject: [PATCH] Update component diagram

This commit adds the Framer and Server Protocol components to the
component diagram.
---
 docs/components.puml |  12 +++--
 docs/components.svg  | 116 ++++++++++++++++++++++++-------------------
 2 files changed, 72 insertions(+), 56 deletions(-)

diff --git a/docs/components.puml b/docs/components.puml
index c325bf9..54c81ec 100644
--- a/docs/components.puml
+++ b/docs/components.puml
@@ -8,7 +8,9 @@ System_Ext(SignerClient, "Signer client", "Send commands to signer")
 
 System_Boundary(Signer, "Signer server") {
   Boundary(SignerSoftware, "Signer Software") {
-    Component(SerialHandler, "Serial link handler", "Go", "Reads and writes to the serial interface, parses and creates frames")
+    Component(SerialHandler, "Serial link handler", "Go", "Reads and writes to the serial interface")
+    Component(Framer, "Framer", "Go", "Parses and creates frames")
+    Component(ServerProtocol, "Server protocol", "Go", "Server protocol state machine")
     Component(ProtocolHandler, "Protocol handler", "Go", "Parses and creates protocol messages")
     Component(X509SigningHandler, "X.509 signing", "Go", "Handles X.509 certificate signing commands")
     Component(X509RevocationHandler, "X.509 revocation", "Go", "Handles X.509 certificate revocation commands")
@@ -20,7 +22,7 @@ System_Boundary(Signer, "Signer server") {
     ComponentDb(SignerDB, "Certificate repository", "Go, Embedded Key-Value DB", $sprite="database")
   }
 
-  ContainerQueue(NATS, "NATS Service", "NATS")
+  ComponentQueue(NATS, "NATS Service", "NATS")
 }
 
 System_Boundary(Signer2, "Other signer") {
@@ -29,14 +31,16 @@ System_Boundary(Signer2, "Other signer") {
     ComponentDb_Ext(SignerDB2, "Certificate repository", "Go, Embedded Key-Value DB", $sprite="database")
   }
 
-  ContainerQueue_Ext(NATS2, "NATS Service", "NATS")
+  ComponentQueue_Ext(NATS2, "NATS Service", "NATS")
 }
 
 Component_Ext(HSM, "HSM", "PKCS#11", "Hardware security module")
 
 Rel(SignerClient, SerialHandler, "Uses", "USB serial link")
 
-Rel(SerialHandler, ProtocolHandler, "Uses")
+Rel(SerialHandler, Framer, "Uses")
+Rel(SerialHandler, ServerProtocol, "Uses")
+Rel(ServerProtocol, ProtocolHandler, "Uses")
 
 Rel(ProtocolHandler, X509SigningHandler, "Uses")
 Rel(ProtocolHandler, X509CRLHandler, "Uses")
diff --git a/docs/components.svg b/docs/components.svg
index afd2e5a..8bc7dd6 100644
--- a/docs/components.svg
+++ b/docs/components.svg
@@ -1,46 +1,50 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentStyleType="text/css" height="851.4px" preserveAspectRatio="none" style="width:1221px;height:851px;background:#FFFFFF;" version="1.1" viewBox="0 0 1221 851" width="1221.6px" zoomAndPan="magnify"><defs/><g><!--MD5=[ef20b3fe45c502f37db21f37a527870c]
-cluster Signer--><g id="cluster_Signer"><rect height="604.2" rx="1.5" ry="1.5" style="stroke:#444444;stroke-width:0.6;fill:none;stroke-dasharray:7.0,7.0;" width="928.8" x="4.2" y="100.2"/><text fill="#444444" font-family="sans-serif" font-size="3.6" font-style="italic" lengthAdjust="spacing" textLength="22.8" x="457.2" y="104.7416">«boundary»</text><text fill="#444444" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="73.2" x="432" y="116.3109">Signer server</text><text fill="#444444" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="36.6" x="450.3" y="125.2582">[System]</text></g><!--MD5=[1bab5bcae8e0c09a8d95c3a3ae22aa87]
-cluster SignerSoftware--><g id="cluster_SignerSoftware"><rect height="548.4" rx="1.5" ry="1.5" style="stroke:#444444;stroke-width:0.6;fill:none;stroke-dasharray:7.0,7.0;" width="811.2" x="18.6" y="141.6"/><text fill="#444444" font-family="sans-serif" font-size="3.6" font-style="italic" lengthAdjust="spacing" textLength="22.8" x="412.8" y="146.1416">«boundary»</text><text fill="#444444" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="88.2" x="380.1" y="157.7109">Signer Software</text></g><!--MD5=[4e4416bf7ebbd0afd89bc8fc82d4e864]
-cluster Signer2--><g id="cluster_Signer2"><rect height="314.4" rx="1.5" ry="1.5" style="stroke:#444444;stroke-width:0.6;fill:none;stroke-dasharray:7.0,7.0;" width="270.6" x="947.4" y="533.4"/><text fill="#444444" font-family="sans-serif" font-size="3.6" font-style="italic" lengthAdjust="spacing" textLength="22.8" x="1071.3" y="537.9416">«boundary»</text><text fill="#444444" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="68.4" x="1048.5" y="549.5109">Other signer</text><text fill="#444444" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="36.6" x="1064.4" y="558.4582">[System]</text></g><!--MD5=[fd28193bdccf8ac8e7e1a1a0fe20b8a9]
-cluster SignerSoftware2--><g id="cluster_SignerSoftware2"><rect height="258.6" rx="1.5" ry="1.5" style="stroke:#444444;stroke-width:0.6;fill:none;stroke-dasharray:7.0,7.0;" width="147.6" x="1056" y="574.8"/><text fill="#444444" font-family="sans-serif" font-size="3.6" font-style="italic" lengthAdjust="spacing" textLength="22.8" x="1118.4" y="579.3416">«boundary»</text><text fill="#444444" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="88.2" x="1085.7" y="590.9109">Signer Software</text></g><!--MD5=[8f869394a97c4ccf4e0e1a7d0f555823]
-entity NATS--><g id="elem_NATS"><path d="M842.4,626.1 L920.4,626.1 C923.4,626.1 923.4,643.0688 923.4,643.0688 C923.4,643.0688 923.4,660.0375 920.4,660.0375 L842.4,660.0375 C839.4,660.0375 839.4,643.0688 839.4,643.0688 C839.4,643.0688 839.4,626.1 842.4,626.1 " fill="#438DD5" style="stroke:#3C7FC0;stroke-width:0.3;"/><path d="M920.4,626.1 C917.4,626.1 917.4,643.0688 917.4,643.0688 C917.4,660.0375 920.4,660.0375 920.4,660.0375 " fill="none" style="stroke:#3C7FC0;stroke-width:0.3;"/><text fill="#FFFFFF" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="42.6" x="857.1" y="635.7832">«container»</text><text fill="#FFFFFF" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="72" x="842.4" y="646.3922">NATS Service</text><text fill="#FFFFFF" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="25.2" x="865.8" y="655.3395">[NATS]</text></g><!--MD5=[1b07182dd713ed4e3be3a95ab68a0fd5]
-entity SerialHandler--><g id="elem_SerialHandler"><rect fill="#85BBF0" height="79.05" rx="1.5" ry="1.5" style="stroke:#78A8D8;stroke-width:0.3;" width="130.2" x="267.9" y="169.8"/><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="49.8" x="308.1" y="182.4832">«component»</text><text fill="#000000" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="98.4" x="283.8" y="193.0922">Serial link handler</text><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="15.6" x="325.2" y="202.0395">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="2.4" x="331.8" y="211.5346"> </text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="99.6" x="283.2" y="221.3127">Reads and writes to the</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="115.8" x="273.9" y="231.0908">serial interface, parses and</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="64.2" x="300.9" y="240.8689">creates frames</text></g><!--MD5=[3d42f30e2a78c2aed96731e8102a93c9]
-entity ProtocolHandler--><g id="elem_ProtocolHandler"><rect fill="#85BBF0" height="69.2719" rx="1.5" ry="1.5" style="stroke:#78A8D8;stroke-width:0.3;" width="101.4" x="282.3" y="294"/><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="49.8" x="308.1" y="306.6832">«component»</text><text fill="#000000" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="89.4" x="288.3" y="317.2922">Protocol handler</text><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="15.6" x="325.2" y="326.2395">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="2.4" x="331.8" y="335.7346"> </text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="80.4" x="292.8" y="345.5127">Parses and creates</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="80.4" x="292.8" y="355.2908">protocol messages</text></g><!--MD5=[1011eedbd8ff904aa9b61ed64da000c5]
-entity X509SigningHandler--><g id="elem_X509SigningHandler"><rect fill="#85BBF0" height="69.2719" rx="1.5" ry="1.5" style="stroke:#78A8D8;stroke-width:0.3;" width="124.2" x="408.3" y="413.7"/><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="49.8" x="445.5" y="426.3832">«component»</text><text fill="#000000" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="72.6" x="434.1" y="436.9922">X.509 signing</text><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="15.6" x="462.6" y="445.9395">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="2.4" x="469.2" y="455.4346"> </text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="107.4" x="416.7" y="465.2127">Handles X.509 certificate</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="80.4" x="430.2" y="474.9908">signing commands</text></g><!--MD5=[1c6dc598b8ad1e32344a0fe24eeaf662]
-entity X509RevocationHandler--><g id="elem_X509RevocationHandler"><rect fill="#85BBF0" height="69.2719" rx="1.5" ry="1.5" style="stroke:#78A8D8;stroke-width:0.3;" width="124.2" x="553.5" y="413.7"/><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="49.8" x="590.7" y="426.3832">«component»</text><text fill="#000000" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="91.2" x="570" y="436.9922">X.509 revocation</text><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="15.6" x="607.8" y="445.9395">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="2.4" x="614.4" y="455.4346"> </text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="107.4" x="561.9" y="465.2127">Handles X.509 certificate</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="95.4" x="567.9" y="474.9908">revocation commands</text></g><!--MD5=[6f59e0a59673b0784d2b49aad5931220]
-entity OpenPGPSigningHandler--><g id="elem_OpenPGPSigningHandler"><rect fill="#85BBF0" height="69.2719" rx="1.5" ry="1.5" style="stroke:#78A8D8;stroke-width:0.3;" width="110.4" x="28.2" y="413.7"/><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="49.8" x="58.5" y="426.3832">«component»</text><text fill="#000000" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="92.4" x="37.2" y="436.9922">OpenPGP signing</text><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="15.6" x="75.6" y="445.9395">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="2.4" x="82.2" y="455.4346"> </text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="93.6" x="36.6" y="465.2127">Handles OpenPGP key</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="84" x="41.4" y="474.9908">signing commands"</text></g><!--MD5=[ac60de3e2d5367fb8173a39d1f6f967e]
-entity X509CRLHandler--><g id="elem_X509CRLHandler"><rect fill="#85BBF0" height="69.2719" rx="1.5" ry="1.5" style="stroke:#78A8D8;stroke-width:0.3;" width="97.8" x="159.9" y="413.7"/><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="49.8" x="183.9" y="426.3832">«component»</text><text fill="#000000" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="47.4" x="185.1" y="436.9922">X.509 crl</text><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="15.6" x="201" y="445.9395">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="2.4" x="207.6" y="455.4346"> </text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="81" x="168.3" y="465.2127">Handles X.509 CRL</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="85.8" x="165.9" y="474.9908">retrieval commands</text></g><!--MD5=[04880e5e31ecc78df75a393e279e8df9]
-entity HealthHandler--><g id="elem_HealthHandler"><rect fill="#85BBF0" height="69.2719" rx="1.5" ry="1.5" style="stroke:#78A8D8;stroke-width:0.3;" width="108.6" x="278.7" y="413.7"/><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="49.8" x="308.1" y="426.3832">«component»</text><text fill="#000000" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="69.6" x="298.2" y="436.9922">Health check</text><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="15.6" x="325.2" y="445.9395">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="2.4" x="331.8" y="455.4346"> </text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="91.8" x="287.1" y="465.2127">Handles health check</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="47.4" x="309.3" y="474.9908">commands</text></g><!--MD5=[58d078c34e72bc75166669b12cea25ab]
-entity HSMAccess--><g id="elem_HSMAccess"><rect fill="#85BBF0" height="69.2719" rx="1.5" ry="1.5" style="stroke:#78A8D8;stroke-width:0.3;" width="116.4" x="154.8" y="608.7"/><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="49.8" x="188.1" y="621.3832">«component»</text><text fill="#000000" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="64.2" x="180.9" y="631.9922">HSM access</text><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="15.6" x="205.2" y="640.9395">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="2.4" x="211.8" y="650.4346"> </text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="99.6" x="163.2" y="660.2127">Handles HSM hardware</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="28.8" x="198.6" y="669.9908">access</text></g><!--MD5=[2db99c1383d9a8197df41033e0363f36]
-entity SyncHandler--><g id="elem_SyncHandler"><rect fill="#85BBF0" height="80.4469" rx="1.5" ry="1.5" style="stroke:#78A8D8;stroke-width:0.3;" width="121.2" x="699" y="408"/><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="49.8" x="734.7" y="420.6832">«component»</text><text fill="#000000" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="85.8" x="714.9" y="431.2922">Synchronization</text><text fill="#000000" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="40.8" x="739.2" y="442.4672">handler</text><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="15.6" x="751.8" y="451.4145">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="2.4" x="758.4" y="460.9096"> </text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="104.4" x="707.4" y="470.6877">Handles synchronization</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="71.4" x="723.9" y="480.4658">with other signer</text></g><!--MD5=[e834ab3daed066426c91d2e7962575e2]
-entity SignerDB--><g id="elem_SignerDB"><path d="M375.6,612 C375.6,606 439.8,606 439.8,606 C439.8,606 504,606 504,612 L504,674.1375 C504,680.1375 439.8,680.1375 439.8,680.1375 C439.8,680.1375 375.6,680.1375 375.6,674.1375 L375.6,612 " fill="#85BBF0" style="stroke:#78A8D8;stroke-width:0.3;"/><path d="M375.6,612 C375.6,618 439.8,618 439.8,618 C439.8,618 504,618 504,612 " fill="none" style="stroke:#78A8D8;stroke-width:0.3;"/><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="49.8" x="414.9" y="627.0832">«component»</text><image height="28.8" width="28.8" x="425.4" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAIAAADYYG7QAAACtklEQVR4Xu2XrUqFQRCGTzUIYhOLQWyCGKzHZrAYtYnYLApWwfIVk8kseAHaLV6Cl+AleAk+nMFhndmf72/xE3x5kXPW3dl3Z2Zn58ya189JceaHfpfdBF0/vZ/dvRxd3e8dnm7PjzZ39+H61s7q2gZ/IV8Zh/PjS6ZdPLzdPH94OxmWBWH04PyWnWZ9sbS8gkT0cR5v3zApiMW4AVvW/DDgRZT57ZRxQUixlkYF5yT0ft+4IA5hDdQBmeB3t4JIRruuJnzKW0FDkrcHfOD+Bf3EHxREkbCLqoHLb3aPCGrqFyEFb4DfPSIIntw88jxZA+OBl8Rf+JwglTVuShEj6lz+RbOCorPxLYYQ1+Npw9OZl9X7yQqSjiK6WMl/cR57UPshWkk7/kK+Mg65Pn6zkMyJvmgRQXIyPrAmb7QHOQy61dMdBCl4azHByrzbUuRIRFx6On9R+ggywChzJEYaICKoQZTYkTecpJhzZUGTe+2bqfVDwtrFOnq/coKaqfXUIaUqDonjoF8dstLPE474uwxTTPOBs4Lk2nMmMi5layARgRRxXltBCq2K3m4nymvjk9JbLggKgS0piTgP69giIuwE8SXkAyOMQyZoebSGApQF1b7wBj7NrSBmjH7VU8B/ZveIINHkX8HRQUD91nFBQi5tJVk4xkeqLEg4vCoKtDYWS4kVNE/3vFIS54teFuelUo1xyBlQIPcxZVAaSzNoBcm1x1b0N0qKcu39eIqaD20FCViDPzopyxDFeEtrtKCboBBhCDIvlJIJJsTW4gJlQeYERZAubCaU7LEzsvDut4KQbBdVA2cwu0cENYsfrHZpBZAD0bhHBDXfzYq1MRIIa6bligsScgKyeHhVFEhtxP1+o5A5QSHJrTbtRAhtV1o2r8K2ggx996MdkjRJfklL9hRUj5MT9AU1SPnpo3eZPgAAAABJRU5ErkJggg==" y="628.7813"/><text fill="#000000" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="116.4" x="381.6" y="666.4922">Certificate repository</text><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="110.4" x="384.6" y="675.4395">[Go, Embedded Key-Value DB]</text></g><!--MD5=[8940efdef782accd207644e2a21c9a46]
-entity NATS2--><g id="elem_NATS2"><path d="M960,769.5 L1041.6,769.5 C1044.6,769.5 1044.6,786.4688 1044.6,786.4688 C1044.6,786.4688 1044.6,803.4375 1041.6,803.4375 L960,803.4375 C957,803.4375 957,786.4688 957,786.4688 C957,786.4688 957,769.5 960,769.5 " fill="#B3B3B3" style="stroke:#A6A6A6;stroke-width:0.3;"/><path d="M1041.6,769.5 C1038.6,769.5 1038.6,786.4688 1038.6,786.4688 C1038.6,803.4375 1041.6,803.4375 1041.6,803.4375 " fill="none" style="stroke:#A6A6A6;stroke-width:0.3;"/><text fill="#FFFFFF" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="75.6" x="960" y="779.1832">«external_container»</text><text fill="#FFFFFF" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="72" x="961.8" y="789.7922">NATS Service</text><text fill="#FFFFFF" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="25.2" x="985.2" y="798.7395">[NATS]</text></g><!--MD5=[3d669a59ee04a28ec5dc9358aab5f1b1]
-entity SyncHandler2--><g id="elem_SyncHandler2"><rect fill="#CCCCCC" height="80.4469" rx="1.5" ry="1.5" style="stroke:#BFBFBF;stroke-width:0.3;" width="121.2" x="1067.4" y="603"/><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="82.8" x="1086.6" y="615.6832">«external_component»</text><text fill="#000000" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="85.8" x="1083.3" y="626.2922">Synchronization</text><text fill="#000000" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="40.8" x="1107.6" y="637.4672">handler</text><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="15.6" x="1120.2" y="646.4145">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="2.4" x="1126.8" y="655.9096"> </text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="104.4" x="1075.8" y="665.6877">Handles synchronization</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="71.4" x="1092.3" y="675.4658">with other signer</text></g><!--MD5=[d6aaf1a0f5c32983fa5796596196f201]
-entity SignerDB2--><g id="elem_SignerDB2"><path d="M1065.6,755.4 C1065.6,749.4 1129.8,749.4 1129.8,749.4 C1129.8,749.4 1194,749.4 1194,755.4 L1194,817.5375 C1194,823.5375 1129.8,823.5375 1129.8,823.5375 C1129.8,823.5375 1065.6,823.5375 1065.6,817.5375 L1065.6,755.4 " fill="#CCCCCC" style="stroke:#BFBFBF;stroke-width:0.3;"/><path d="M1065.6,755.4 C1065.6,761.4 1129.8,761.4 1129.8,761.4 C1129.8,761.4 1194,761.4 1194,755.4 " fill="none" style="stroke:#BFBFBF;stroke-width:0.3;"/><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="82.8" x="1088.4" y="770.4832">«external_component»</text><image height="28.8" width="28.8" x="1115.4" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAIAAADYYG7QAAACl0lEQVR4Xu2XbZHCMBCGUYACDKDgDKAABTWAghpAAQowgAIMRNQ9kx0yvXeT9DNzvZl7fpWSbN7sbjbbQ9gZB33x28wT9Hq9Ho9H3/fX6/VyuXxFzufz6XQ6R/h5iXRdx7Dn8/l+v9VKlXFBGL3dbqx0WMrxeEQi+tiPWncUBTEZN2BLza8DL6JMFxuQF4QUtbQp7JPQ66qRjCA2oQbaQCbo2l4QyajzWuJTXgWtSd4F+MD9C/rJHxREkdBJzeDwy+rBCwrti1CCO0DXzgqC+/3O9aQGtoObxB94Iy/IQNa2KUWMqHP1G00FZUfjWwwhbsHVhqcrN6v3kwqyjiI7OcG/OI81bhG0knZdhJ99hOPjFxvCmOyNlhFkO+OBOXWjC2Az6E6eniEowV2LCWbW3VaCLRFx6+n8QVkiSMAoYyxGKUD3iAXRYkfesJPRnBsXtLvbPuytHzJaF+vs+TLygsLeeuohVhXXxHHVV4fNlJeJDb/LMMUwHzgVZMeePZFxJVsrQQRSzHlTBSVSVZRhc7HbxieltzwiaAi2rCTiPKxji4i8Iu8ID7x5RBiQyqMaGjAuqPWBF3yaqyBGbH7US+A/WT14QSFq8rfg5hBQXTiSEWRwaBvJwjE+UomiIGN9VTRSbRwtJSqoK/e8VhK72MvivFKqHSPsAQV2HksG+9hYyksVZMceW9lvlBJ27PVtmZQPUwUZzMEfs5RVQDHeSjXamCdoyDAElRsqwQAJsVqMjAuSHYxCupw+WPboiCre/SoIyTqpGexBVg9eUIgfrDq1AeRANu4ZQeHTrKiNjSCslZYrL8hgB2Tx+qpoWG3E/brMT2qChpBbU9qJIaldmdi8GlMFCb77SR2SNUk6YTILBbVjd4K+Ab755zzpVjRDAAAAAElFTkSuQmCC" y="772.1813"/><text fill="#000000" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="116.4" x="1071.6" y="809.8922">Certificate repository</text><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="110.4" x="1074.6" y="818.8395">[Go, Embedded Key-Value DB]</text></g><!--MD5=[c25eb3bb2a673e49b4700e0aa1b6b6c8]
-entity SignerClient--><g id="elem_SignerClient"><rect fill="#999999" height="51.1125" rx="1.5" ry="1.5" style="stroke:#8A8A8A;stroke-width:0.3;" width="125.4" x="270.3" y="4.2"/><text fill="#FFFFFF" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="67.2" x="299.4" y="16.8832">«external_system»</text><text fill="#FFFFFF" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="67.8" x="299.1" y="27.4922">Signer client</text><text fill="#FFFFFF" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="2.4" x="331.8" y="37.5533"> </text><text fill="#FFFFFF" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="111" x="278.7" y="47.3314">Send commands to signer</text></g><!--MD5=[ff028a7ac4eed75d9278e76cd9053439]
-entity HSM--><g id="elem_HSM"><rect fill="#CCCCCC" height="59.4938" rx="1.5" ry="1.5" style="stroke:#BFBFBF;stroke-width:0.3;" width="127.2" x="149.4" y="756.9"/><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="82.8" x="171.6" y="769.5832">«external_component»</text><text fill="#000000" font-family="sans-serif" font-size="9.6" font-weight="bold" lengthAdjust="spacing" textLength="24.6" x="200.7" y="780.1922">HSM</text><text fill="#000000" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="40.2" x="192.9" y="789.1395">[PKCS#11]</text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="2.4" x="211.8" y="798.6346"> </text><text fill="#000000" font-family="sans-serif" font-size="8.4" lengthAdjust="spacing" textLength="112.8" x="157.8" y="808.4127">Hardware security module</text></g><!--MD5=[c4211f20d77779d002d0636fe4eff351]
-link SignerClient to SerialHandler--><g id="link_SignerClient_SerialHandler"><path d="M333,55.308 C333,83.61 333,130.254 333,164.706 " fill="none" id="SignerClient-to-SerialHandler" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="333,169.698,334.8,164.898,331.2,164.898,333,169.698" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="19.2" x="352.5" y="80.4832">Uses</text><text fill="#666666" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="57" x="333.6" y="88.8645">[USB serial link]</text></g><!--MD5=[a5ac9fd6085cba509022a8449c62ed3f]
-link SerialHandler to ProtocolHandler--><g id="link_SerialHandler_ProtocolHandler"><path d="M333,249.096 C333,261.936 333,276.192 333,289.02 " fill="none" id="SerialHandler-to-ProtocolHandler" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="333,293.856,334.8,289.056,331.2,289.056,333,293.856" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="19.2" x="333.6" y="274.2832">Uses</text></g><!--MD5=[6904b7103d89ba041a727edd177c7033]
-link ProtocolHandler to X509SigningHandler--><g id="link_ProtocolHandler_X509SigningHandler"><path d="M372.372,363.06 C389.55,377.868 409.734,395.28 427.314,410.436 " fill="none" id="ProtocolHandler-to-X509SigningHandler" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="431.022,413.64,428.5647,409.1409,426.2123,411.8661,431.022,413.64" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="19.2" x="402.6" y="388.2832">Uses</text></g><!--MD5=[6e0d1b21c46cf0a1aeb331a2c465700e]
-link ProtocolHandler to X509CRLHandler--><g id="link_ProtocolHandler_X509CRLHandler"><path d="M297.408,363.06 C281.946,377.808 263.79,395.136 247.95,410.25 " fill="none" id="ProtocolHandler-to-X509CRLHandler" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="244.398,413.64,249.1119,411.6253,246.6248,409.0225,244.398,413.64" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="19.2" x="279" y="388.2832">Uses</text></g><!--MD5=[8bd9096c966b0786426f772de5ff586e]
-link ProtocolHandler to X509RevocationHandler--><g id="link_ProtocolHandler_X509RevocationHandler"><path d="M383.874,345.972 C426.912,360.774 489.882,383.682 543,408 C545.448,409.122 547.926,410.292 550.416,411.492 " fill="none" id="ProtocolHandler-to-X509RevocationHandler" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="554.916,413.694,551.3949,409.9682,549.8132,413.2022,554.916,413.694" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="19.2" x="498.6" y="388.2832">Uses</text></g><!--MD5=[7630a6f192d59137aef045c59458f3ad]
-link ProtocolHandler to OpenPGPSigningHandler--><g id="link_ProtocolHandler_OpenPGPSigningHandler"><path d="M282.288,348.75 C244.944,363.732 193.254,385.548 149.4,408 C147.318,409.068 145.212,410.172 143.094,411.306 " fill="none" id="ProtocolHandler-to-OpenPGPSigningHandler" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="138.732,413.676,143.8082,412.9606,142.0862,409.7992,138.732,413.676" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="19.2" x="204.6" y="388.2832">Uses</text></g><!--MD5=[dd0964938e0e2c1d6f26fa00fb2a70e5]
-link ProtocolHandler to HealthHandler--><g id="link_ProtocolHandler_HealthHandler"><path d="M333,363.06 C333,377.31 333,393.972 333,408.72 " fill="none" id="ProtocolHandler-to-HealthHandler" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="333,413.64,334.8,408.84,331.2,408.84,333,413.64" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="19.2" x="333.6" y="388.2832">Uses</text></g><!--MD5=[c03f96c452f26815ba38daf1adeb88ce]
-link X509SigningHandler to HSMAccess--><g id="link_X509SigningHandler_HSMAccess"><path d="M451.68,482.844 C441.522,497.97 427.518,514.44 410.4,523.8 C392.52,533.58 383.766,521.148 364.8,528.6 C321.12,545.772 279.06,579.114 250.338,605.328 " fill="none" id="X509SigningHandler-to-HSMAccess" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="246.726,608.646,251.4773,606.7211,249.04,604.0716,246.726,608.646" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="19.2" x="432" y="517.8832">Uses</text></g><!--MD5=[049c56c40f5ce55919cf848cfeae4412]
-link X509SigningHandler to SignerDB--><g id="link_X509SigningHandler_SignerDB"><path d="M469.302,482.886 C468.6,495.75 467.46,510.492 465.6,523.8 C461.97,549.756 455.796,578.478 450.39,601.182 " fill="none" id="X509SigningHandler-to-SignerDB" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="449.256,605.934,452.1297,601.6888,448.6298,600.846,449.256,605.934" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="26.4" x="468.6" y="517.8832">Writes</text></g><!--MD5=[82b942a05dde6d4abd870be92d5b79e1]
-link X509RevocationHandler to SignerDB--><g id="link_X509RevocationHandler_SignerDB"><path d="M560.058,482.754 C541.632,495.66 521.898,511.428 506.4,528.6 C486.888,550.218 470.346,578.448 458.622,601.41 " fill="none" id="X509RevocationHandler-to-SignerDB" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="456.342,605.928,460.1097,602.4518,456.8949,600.8315,456.342,605.928" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="26.4" x="528.6" y="517.8832">Writes</text></g><!--MD5=[f3fbeda310f19b6def0836f108fb90ae]
-link X509CRLHandler to HSMAccess--><g id="link_X509CRLHandler_HSMAccess"><path d="M195.06,482.736 C192.546,490.392 190.308,498.576 189,506.4 C183.504,539.31 191.046,576.624 199.092,603.864 " fill="none" id="X509CRLHandler-to-HSMAccess" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="200.49,608.484,200.8156,603.3679,197.3713,604.4154,200.49,608.484" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="19.2" x="189.6" y="517.8832">Uses</text></g><!--MD5=[1be83cc4a91ae3618c25e12be491020b]
-link X509CRLHandler to SignerDB--><g id="link_X509CRLHandler_SignerDB"><path d="M257.856,482.772 C261.306,484.764 264.774,486.66 268.2,488.4 C288.966,498.93 298.116,493.356 317.4,506.4 C327.9,513.504 372.84,564.642 405.222,602.172 " fill="none" id="X509CRLHandler-to-SignerDB" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="408.516,605.988,406.7486,601.1759,404.0203,603.5246,408.516,605.988" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="24.6" x="334.8" y="517.8832">Reads</text></g><!--MD5=[1531770e9c84b9a37109fc722a3e41bc]
-link OpenPGPSigningHandler to HSMAccess--><g id="link_OpenPGPSigningHandler_HSMAccess"><path d="M106.122,482.778 C128.91,516.858 163.932,569.22 187.614,604.644 " fill="none" id="OpenPGPSigningHandler-to-HSMAccess" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="190.302,608.658,189.1297,603.6674,186.1373,605.6688,190.302,608.658" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="19.2" x="133.8" y="517.8832">Uses</text></g><!--MD5=[5647650e77d9b601644db74356963c93]
-link OpenPGPSigningHandler to SignerDB--><g id="link_OpenPGPSigningHandler_SignerDB"><path d="M136.014,482.736 C140.448,484.86 144.936,486.786 149.4,488.4 C198.63,506.196 218.544,483.876 265.8,506.4 C276.198,511.356 276.156,516.42 285,523.8 C317.736,551.118 355.692,580.284 385.83,602.886 " fill="none" id="OpenPGPSigningHandler-to-SignerDB" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="389.844,605.886,387.0778,601.57,384.9219,604.453,389.844,605.886" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="26.4" x="285.6" y="517.8832">Writes</text></g><!--MD5=[01fcd97973dce0a15ca3f22ec6f9a33e]
-link HealthHandler to HSMAccess--><g id="link_HealthHandler_HSMAccess"><path d="M278.544,482.46 C275.058,484.494 271.59,486.492 268.2,488.4 C253.026,496.944 243.534,492.24 233.4,506.4 C213.276,534.522 209.382,574.344 209.796,603.666 " fill="none" id="HealthHandler-to-HSMAccess" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="209.91,608.646,211.5981,603.8055,207.9991,603.8891,209.91,608.646" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="234" y="517.8832">Checks</text></g><!--MD5=[8e666ca13f2e292cf801466daea72d33]
-link HealthHandler to SignerDB--><g id="link_HealthHandler_SignerDB"><path d="M353.514,482.76 C358.086,490.494 362.862,498.696 367.2,506.4 C385.044,538.092 404.376,574.47 418.602,601.65 " fill="none" id="HealthHandler-to-SignerDB" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="420.84,605.934,420.2057,600.847,417.0172,602.5184,420.84,605.934" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="376.2" y="517.8832">Checks</text></g><!--MD5=[f6d0a255b9300fdc869edf618776ea20]
-link SyncHandler to SignerDB--><g id="link_SyncHandler_SignerDB"><path d="M698.916,483.69 C695.334,485.37 691.74,486.948 688.2,488.4 C633.648,510.714 618.39,513.282 560.4,523.8 C548.544,525.948 516.57,522.144 506.4,528.6 C480.288,545.166 463.206,575.928 452.88,601.326 " fill="none" id="SyncHandler-to-SignerDB" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="451.098,605.838,454.5393,602.0384,451.1924,600.7125,451.098,605.838" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="19.2" x="639" y="517.8832">Uses</text></g><!--MD5=[ce0bb68167ca79996a54c04fb7a06609]
-link SyncHandler to NATS--><g id="link_SyncHandler_NATS"><path d="M802.014,492.336 C811.836,503.628 821.754,516.132 829.8,528.6 C849.354,558.888 865.236,597.81 873.996,621.444 " fill="none" id="SyncHandler-NATS" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="875.652,625.962,875.6884,620.8357,872.3087,622.0758,875.652,625.962" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="798.69,488.55,800.5066,493.3437,803.2107,490.9672,798.69,488.55" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="50.4" x="828.3" y="513.6832">Synchronize</text><text fill="#666666" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="57" x="825" y="522.0645">[NATS protocol]</text></g><!--MD5=[ac10af24f910bae24644d4ccf6ac738e]
-link NATS to NATS2--><g id="link_NATS_NATS2"><path d="M895.272,664.308 C907.872,682.488 927.318,709.482 946.2,731.4 C956.484,743.34 968.838,755.826 979.194,765.846 " fill="none" id="NATS-NATS2" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="982.908,769.416,980.6986,764.7902,978.2017,767.3835,982.908,769.416" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="892.53,660.336,893.7738,665.3092,896.7372,663.2651,892.53,660.336" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="50.4" x="946.8" y="721.2832">Synchronize</text><text fill="#666666" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="40.8" x="951.6" y="729.6645">[NATS/TLS]</text></g><!--MD5=[06c6604c5c35b105f23e33e7e3e4aba5]
-link SyncHandler2 to NATS2--><g id="link_SyncHandler2_NATS2"><path d="M1089.258,687.108 C1065.864,713.262 1037.148,745.368 1018.908,765.756 " fill="none" id="SyncHandler2-NATS2" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="1015.626,769.428,1020.1677,767.0504,1017.4845,764.6504,1015.626,769.428" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="1092.57,683.412,1088.0251,685.7835,1090.7051,688.1872,1092.57,683.412" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="50.4" x="1068.3" y="721.2832">Synchronize</text><text fill="#666666" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="57" x="1065" y="729.6645">[NATS protocol]</text></g><!--MD5=[19a8c02a4a6c3e2efd241ec79f03fa40]
-link SyncHandler2 to SignerDB2--><g id="link_SyncHandler2_SignerDB2"><path d="M1128.504,683.412 C1128.744,702.426 1129.032,725.208 1129.272,744.468 " fill="none" id="SyncHandler2-to-SignerDB2" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="1129.338,749.286,1131.0779,744.4639,1127.4781,744.5089,1129.338,749.286" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="19.2" x="1129.2" y="725.4832">Uses</text></g><!--MD5=[c3f60d65e94da5508ad0c196407a2043]
-link HSMAccess to HSM--><g id="link_HSMAccess_HSM"><path d="M213,677.862 C213,700.242 213,729.42 213,751.824 " fill="none" id="HSMAccess-to-HSM" style="stroke:#666666;stroke-width:0.6;"/><polygon fill="#666666" points="213,756.786,214.8,751.986,211.2,751.986,213,756.786" style="stroke:#666666;stroke-width:0.6;"/><text fill="#666666" font-family="sans-serif" font-size="7.2" font-weight="bold" lengthAdjust="spacing" textLength="19.2" x="224.1" y="721.2832">Uses</text><text fill="#666666" font-family="sans-serif" font-size="7.2" font-style="italic" lengthAdjust="spacing" textLength="40.2" x="213.6" y="729.6645">[PKCS#11]</text></g><!--MD5=[c9954cc1af4dd87dab4d4e1f05280030]
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentStyleType="text/css" height="1432.8px" preserveAspectRatio="none" style="width:1843px;height:1432px;background:#FFFFFF;" version="1.1" viewBox="0 0 1843 1432" width="1843.2px" zoomAndPan="magnify"><defs/><g><!--MD5=[ef20b3fe45c502f37db21f37a527870c]
+cluster Signer--><g id="cluster_Signer"><rect fill="none" height="1062" rx="2.25" ry="2.25" style="stroke:#444444;stroke-width:0.9;stroke-dasharray:7.0,7.0;" width="1393.2" x="6.3" y="150.3"/><text fill="#444444" font-family="sans-serif" font-size="5.4" font-style="italic" lengthAdjust="spacing" textLength="34.2" x="685.8" y="157.1124">«boundary»</text><text fill="#444444" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="109.8" x="648" y="174.4664">Signer server</text><text fill="#444444" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="54.9" x="675.45" y="187.8873">[System]</text></g><!--MD5=[1bab5bcae8e0c09a8d95c3a3ae22aa87]
+cluster SignerSoftware--><g id="cluster_SignerSoftware"><rect fill="none" height="978.3" rx="2.25" ry="2.25" style="stroke:#444444;stroke-width:0.9;stroke-dasharray:7.0,7.0;" width="1216.8" x="27.9" y="212.4"/><text fill="#444444" font-family="sans-serif" font-size="5.4" font-style="italic" lengthAdjust="spacing" textLength="34.2" x="619.2" y="219.2124">«boundary»</text><text fill="#444444" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="132.3" x="570.15" y="236.5664">Signer Software</text></g><!--MD5=[4e4416bf7ebbd0afd89bc8fc82d4e864]
+cluster Signer2--><g id="cluster_Signer2"><rect fill="none" height="471.6" rx="2.25" ry="2.25" style="stroke:#444444;stroke-width:0.9;stroke-dasharray:7.0,7.0;" width="416.7" x="1421.1" y="955.8"/><text fill="#444444" font-family="sans-serif" font-size="5.4" font-style="italic" lengthAdjust="spacing" textLength="34.2" x="1612.35" y="962.6124">«boundary»</text><text fill="#444444" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="102.6" x="1578.15" y="979.9664">Other signer</text><text fill="#444444" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="54.9" x="1602" y="993.3873">[System]</text></g><!--MD5=[fd28193bdccf8ac8e7e1a1a0fe20b8a9]
+cluster SignerSoftware2--><g id="cluster_SignerSoftware2"><rect fill="none" height="387.9" rx="2.25" ry="2.25" style="stroke:#444444;stroke-width:0.9;stroke-dasharray:7.0,7.0;" width="221.4" x="1594.8" y="1017.9"/><text fill="#444444" font-family="sans-serif" font-size="5.4" font-style="italic" lengthAdjust="spacing" textLength="34.2" x="1688.4" y="1024.7124">«boundary»</text><text fill="#444444" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="132.3" x="1639.35" y="1042.0664">Signer Software</text></g><!--MD5=[8f869394a97c4ccf4e0e1a7d0f555823]
+entity NATS--><g id="elem_NATS"><path d="M1263.6,1094.85 L1380.6,1094.85 C1385.1,1094.85 1385.1,1120.3031 1385.1,1120.3031 C1385.1,1120.3031 1385.1,1145.7563 1380.6,1145.7563 L1263.6,1145.7563 C1259.1,1145.7563 1259.1,1120.3031 1259.1,1120.3031 C1259.1,1120.3031 1259.1,1094.85 1263.6,1094.85 " fill="#85BBF0" style="stroke:#78A8D8;stroke-width:0.45;"/><path d="M1380.6,1094.85 C1376.1,1094.85 1376.1,1120.3031 1376.1,1120.3031 C1376.1,1145.7563 1380.6,1145.7563 1380.6,1145.7563 " fill="none" style="stroke:#78A8D8;stroke-width:0.45;"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="74.7" x="1280.25" y="1109.3748">«component»</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="108" x="1263.6" y="1125.2883">NATS Service</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="37.8" x="1298.7" y="1138.7092">[NATS]</text></g><!--MD5=[1b07182dd713ed4e3be3a95ab68a0fd5]
+entity SerialHandler--><g id="elem_SerialHandler"><rect fill="#85BBF0" height="103.9078" rx="2.25" ry="2.25" style="stroke:#78A8D8;stroke-width:0.45;" width="174.6" x="273.6" y="254.7"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="74.7" x="323.55" y="273.7248">«component»</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="147.6" x="287.1" y="289.6383">Serial link handler</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="23.4" x="349.2" y="303.0592">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="3.6" x="359.1" y="317.3019"> </text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="149.4" x="286.2" y="331.969">Reads and writes to the</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="96.3" x="312.75" y="346.6362">serial interface</text></g><!--MD5=[ba1642c7c3a493b3e7478514b208a0b1]
+entity Framer--><g id="elem_Framer"><rect fill="#85BBF0" height="89.2406" rx="2.25" ry="2.25" style="stroke:#78A8D8;stroke-width:0.45;" width="190.8" x="197.1" y="432.9"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="74.7" x="255.15" y="451.9248">«component»</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="59.4" x="262.8" y="467.8383">Framer</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="23.4" x="280.8" y="481.2592">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="3.6" x="290.7" y="495.5019"> </text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="169.2" x="209.7" y="510.169">Parses and creates frames</text></g><!--MD5=[deb8adcbb2c5b1682b59342c487f75be]
+entity ServerProtocol--><g id="elem_ServerProtocol"><rect fill="#85BBF0" height="103.9078" rx="2.25" ry="2.25" style="stroke:#78A8D8;stroke-width:0.45;" width="159.3" x="419.85" y="425.7"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="74.7" x="462.15" y="444.7248">«component»</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="126" x="436.5" y="460.6383">Server protocol</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="23.4" x="487.8" y="474.0592">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="3.6" x="497.7" y="488.3019"> </text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="134.1" x="432.45" y="502.969">Server protocol state</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="55.8" x="471.6" y="517.6362">machine</text></g><!--MD5=[3d42f30e2a78c2aed96731e8102a93c9]
+entity ProtocolHandler--><g id="elem_ProtocolHandler"><rect fill="#85BBF0" height="103.9078" rx="2.25" ry="2.25" style="stroke:#78A8D8;stroke-width:0.45;" width="152.1" x="423.45" y="596.7"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="74.7" x="462.15" y="615.7248">«component»</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="134.1" x="432.45" y="631.6383">Protocol handler</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="23.4" x="487.8" y="645.0592">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="3.6" x="497.7" y="659.3019"> </text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="120.6" x="439.2" y="673.969">Parses and creates</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="120.6" x="439.2" y="688.6362">protocol messages</text></g><!--MD5=[1011eedbd8ff904aa9b61ed64da000c5]
+entity X509SigningHandler--><g id="elem_X509SigningHandler"><rect fill="#85BBF0" height="103.9078" rx="2.25" ry="2.25" style="stroke:#78A8D8;stroke-width:0.45;" width="186.3" x="612.45" y="776.25"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="74.7" x="668.25" y="795.2748">«component»</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="108.9" x="651.15" y="811.1883">X.509 signing</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="23.4" x="693.9" y="824.6092">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="3.6" x="703.8" y="838.8519"> </text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="161.1" x="625.05" y="853.519">Handles X.509 certificate</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="120.6" x="645.3" y="868.1862">signing commands</text></g><!--MD5=[1c6dc598b8ad1e32344a0fe24eeaf662]
+entity X509RevocationHandler--><g id="elem_X509RevocationHandler"><rect fill="#85BBF0" height="103.9078" rx="2.25" ry="2.25" style="stroke:#78A8D8;stroke-width:0.45;" width="186.3" x="830.25" y="776.25"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="74.7" x="886.05" y="795.2748">«component»</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="136.8" x="855" y="811.1883">X.509 revocation</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="23.4" x="911.7" y="824.6092">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="3.6" x="921.6" y="838.8519"> </text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="161.1" x="842.85" y="853.519">Handles X.509 certificate</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="143.1" x="851.85" y="868.1862">revocation commands</text></g><!--MD5=[6f59e0a59673b0784d2b49aad5931220]
+entity OpenPGPSigningHandler--><g id="elem_OpenPGPSigningHandler"><rect fill="#85BBF0" height="103.9078" rx="2.25" ry="2.25" style="stroke:#78A8D8;stroke-width:0.45;" width="165.6" x="42.3" y="776.25"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="74.7" x="87.75" y="795.2748">«component»</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="138.6" x="55.8" y="811.1883">OpenPGP signing</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="23.4" x="113.4" y="824.6092">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="3.6" x="123.3" y="838.8519"> </text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="140.4" x="54.9" y="853.519">Handles OpenPGP key</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="126" x="62.1" y="868.1862">signing commands"</text></g><!--MD5=[ac60de3e2d5367fb8173a39d1f6f967e]
+entity X509CRLHandler--><g id="elem_X509CRLHandler"><rect fill="#85BBF0" height="103.9078" rx="2.25" ry="2.25" style="stroke:#78A8D8;stroke-width:0.45;" width="146.7" x="239.85" y="776.25"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="74.7" x="275.85" y="795.2748">«component»</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="71.1" x="277.65" y="811.1883">X.509 crl</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="23.4" x="301.5" y="824.6092">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="3.6" x="311.4" y="838.8519"> </text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="121.5" x="252.45" y="853.519">Handles X.509 CRL</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="128.7" x="248.85" y="868.1862">retrieval commands</text></g><!--MD5=[04880e5e31ecc78df75a393e279e8df9]
+entity HealthHandler--><g id="elem_HealthHandler"><rect fill="#85BBF0" height="103.9078" rx="2.25" ry="2.25" style="stroke:#78A8D8;stroke-width:0.45;" width="162.9" x="418.05" y="776.25"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="74.7" x="462.15" y="795.2748">«component»</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="104.4" x="447.3" y="811.1883">Health check</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="23.4" x="487.8" y="824.6092">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="3.6" x="497.7" y="838.8519"> </text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="137.7" x="430.65" y="853.519">Handles health check</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="71.1" x="463.95" y="868.1862">commands</text></g><!--MD5=[58d078c34e72bc75166669b12cea25ab]
+entity HSMAccess--><g id="elem_HSMAccess"><rect fill="#85BBF0" height="103.9078" rx="2.25" ry="2.25" style="stroke:#78A8D8;stroke-width:0.45;" width="174.6" x="232.2" y="1068.75"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="74.7" x="282.15" y="1087.7748">«component»</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="96.3" x="271.35" y="1103.6883">HSM access</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="23.4" x="307.8" y="1117.1092">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="3.6" x="317.7" y="1131.3519"> </text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="149.4" x="244.8" y="1146.019">Handles HSM hardware</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="43.2" x="297.9" y="1160.6862">access</text></g><!--MD5=[2db99c1383d9a8197df41033e0363f36]
+entity SyncHandler--><g id="elem_SyncHandler"><rect fill="#85BBF0" height="120.6703" rx="2.25" ry="2.25" style="stroke:#78A8D8;stroke-width:0.45;" width="181.8" x="1048.5" y="767.7"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="74.7" x="1102.05" y="786.7248">«component»</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="128.7" x="1072.35" y="802.6383">Synchronization</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="61.2" x="1108.8" y="819.4008">handler</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="23.4" x="1127.7" y="832.8217">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="3.6" x="1137.6" y="847.0644"> </text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="156.6" x="1061.1" y="861.7315">Handles synchronization</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="107.1" x="1085.85" y="876.3987">with other signer</text></g><!--MD5=[e834ab3daed066426c91d2e7962575e2]
+entity SignerDB--><g id="elem_SignerDB"><path d="M563.4,1073.7 C563.4,1064.7 659.7,1064.7 659.7,1064.7 C659.7,1064.7 756,1064.7 756,1073.7 L756,1166.9063 C756,1175.9063 659.7,1175.9063 659.7,1175.9063 C659.7,1175.9063 563.4,1175.9063 563.4,1166.9063 L563.4,1073.7 " fill="#85BBF0" style="stroke:#78A8D8;stroke-width:0.45;"/><path d="M563.4,1073.7 C563.4,1082.7 659.7,1082.7 659.7,1082.7 C659.7,1082.7 756,1082.7 756,1073.7 " fill="none" style="stroke:#78A8D8;stroke-width:0.45;"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="74.7" x="622.35" y="1096.3248">«component»</text><image height="43.2" width="43.2" x="638.1" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAIAAADYYG7QAAACtklEQVR4Xu2XrUqFQRCGTzUIYhOLQWyCGKzHZrAYtYnYLApWwfIVk8kseAHaLV6Cl+AleAk+nMFhndmf72/xE3x5kXPW3dl3Z2Zn58ya189JceaHfpfdBF0/vZ/dvRxd3e8dnm7PjzZ39+H61s7q2gZ/IV8Zh/PjS6ZdPLzdPH94OxmWBWH04PyWnWZ9sbS8gkT0cR5v3zApiMW4AVvW/DDgRZT57ZRxQUixlkYF5yT0ft+4IA5hDdQBmeB3t4JIRruuJnzKW0FDkrcHfOD+Bf3EHxREkbCLqoHLb3aPCGrqFyEFb4DfPSIIntw88jxZA+OBl8Rf+JwglTVuShEj6lz+RbOCorPxLYYQ1+Npw9OZl9X7yQqSjiK6WMl/cR57UPshWkk7/kK+Mg65Pn6zkMyJvmgRQXIyPrAmb7QHOQy61dMdBCl4azHByrzbUuRIRFx6On9R+ggywChzJEYaICKoQZTYkTecpJhzZUGTe+2bqfVDwtrFOnq/coKaqfXUIaUqDonjoF8dstLPE474uwxTTPOBs4Lk2nMmMi5layARgRRxXltBCq2K3m4nymvjk9JbLggKgS0piTgP69giIuwE8SXkAyOMQyZoebSGApQF1b7wBj7NrSBmjH7VU8B/ZveIINHkX8HRQUD91nFBQi5tJVk4xkeqLEg4vCoKtDYWS4kVNE/3vFIS54teFuelUo1xyBlQIPcxZVAaSzNoBcm1x1b0N0qKcu39eIqaD20FCViDPzopyxDFeEtrtKCboBBhCDIvlJIJJsTW4gJlQeYERZAubCaU7LEzsvDut4KQbBdVA2cwu0cENYsfrHZpBZAD0bhHBDXfzYq1MRIIa6bligsScgKyeHhVFEhtxP1+o5A5QSHJrTbtRAhtV1o2r8K2ggx996MdkjRJfklL9hRUj5MT9AU1SPnpo3eZPgAAAABJRU5ErkJggg==" y="1098.8719"/><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="174.6" x="572.4" y="1155.4383">Certificate repository</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="165.6" x="576.9" y="1168.8592">[Go, Embedded Key-Value DB]</text></g><!--MD5=[8940efdef782accd207644e2a21c9a46]
+entity NATS2--><g id="elem_NATS2"><path d="M1440,1309.95 L1573.2,1309.95 C1577.7,1309.95 1577.7,1335.4031 1577.7,1335.4031 C1577.7,1335.4031 1577.7,1360.8563 1573.2,1360.8563 L1440,1360.8563 C1435.5,1360.8563 1435.5,1335.4031 1435.5,1335.4031 C1435.5,1335.4031 1435.5,1309.95 1440,1309.95 " fill="#CCCCCC" style="stroke:#BFBFBF;stroke-width:0.45;"/><path d="M1573.2,1309.95 C1568.7,1309.95 1568.7,1335.4031 1568.7,1335.4031 C1568.7,1360.8563 1573.2,1360.8563 1573.2,1360.8563 " fill="none" style="stroke:#BFBFBF;stroke-width:0.45;"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="124.2" x="1440" y="1324.4748">«external_component»</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="108" x="1448.1" y="1340.3883">NATS Service</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="37.8" x="1483.2" y="1353.8092">[NATS]</text></g><!--MD5=[3d669a59ee04a28ec5dc9358aab5f1b1]
+entity SyncHandler2--><g id="elem_SyncHandler2"><rect fill="#CCCCCC" height="120.6703" rx="2.25" ry="2.25" style="stroke:#BFBFBF;stroke-width:0.45;" width="181.8" x="1611.9" y="1060.2"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="124.2" x="1640.7" y="1079.2248">«external_component»</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="128.7" x="1635.75" y="1095.1383">Synchronization</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="61.2" x="1672.2" y="1111.9008">handler</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="23.4" x="1691.1" y="1125.3217">[Go]</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="3.6" x="1701" y="1139.5644"> </text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="156.6" x="1624.5" y="1154.2315">Handles synchronization</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="107.1" x="1649.25" y="1168.8987">with other signer</text></g><!--MD5=[d6aaf1a0f5c32983fa5796596196f201]
+entity SignerDB2--><g id="elem_SignerDB2"><path d="M1609.2,1288.8 C1609.2,1279.8 1705.5,1279.8 1705.5,1279.8 C1705.5,1279.8 1801.8,1279.8 1801.8,1288.8 L1801.8,1382.0063 C1801.8,1391.0063 1705.5,1391.0063 1705.5,1391.0063 C1705.5,1391.0063 1609.2,1391.0063 1609.2,1382.0063 L1609.2,1288.8 " fill="#CCCCCC" style="stroke:#BFBFBF;stroke-width:0.45;"/><path d="M1609.2,1288.8 C1609.2,1297.8 1705.5,1297.8 1705.5,1297.8 C1705.5,1297.8 1801.8,1297.8 1801.8,1288.8 " fill="none" style="stroke:#BFBFBF;stroke-width:0.45;"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="124.2" x="1643.4" y="1311.4248">«external_component»</text><image height="43.2" width="43.2" x="1683.9" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAIAAADYYG7QAAACl0lEQVR4Xu2XbZHCMBCGUYACDKDgDKAABTWAghpAAQowgAIMRNQ9kx0yvXeT9DNzvZl7fpWSbN7sbjbbQ9gZB33x28wT9Hq9Ho9H3/fX6/VyuXxFzufz6XQ6R/h5iXRdx7Dn8/l+v9VKlXFBGL3dbqx0WMrxeEQi+tiPWncUBTEZN2BLza8DL6JMFxuQF4QUtbQp7JPQ66qRjCA2oQbaQCbo2l4QyajzWuJTXgWtSd4F+MD9C/rJHxREkdBJzeDwy+rBCwrti1CCO0DXzgqC+/3O9aQGtoObxB94Iy/IQNa2KUWMqHP1G00FZUfjWwwhbsHVhqcrN6v3kwqyjiI7OcG/OI81bhG0knZdhJ99hOPjFxvCmOyNlhFkO+OBOXWjC2Az6E6eniEowV2LCWbW3VaCLRFx6+n8QVkiSMAoYyxGKUD3iAXRYkfesJPRnBsXtLvbPuytHzJaF+vs+TLygsLeeuohVhXXxHHVV4fNlJeJDb/LMMUwHzgVZMeePZFxJVsrQQRSzHlTBSVSVZRhc7HbxieltzwiaAi2rCTiPKxji4i8Iu8ID7x5RBiQyqMaGjAuqPWBF3yaqyBGbH7US+A/WT14QSFq8rfg5hBQXTiSEWRwaBvJwjE+UomiIGN9VTRSbRwtJSqoK/e8VhK72MvivFKqHSPsAQV2HksG+9hYyksVZMceW9lvlBJ27PVtmZQPUwUZzMEfs5RVQDHeSjXamCdoyDAElRsqwQAJsVqMjAuSHYxCupw+WPboiCre/SoIyTqpGexBVg9eUIgfrDq1AeRANu4ZQeHTrKiNjSCslZYrL8hgB2Tx+qpoWG3E/brMT2qChpBbU9qJIaldmdi8GlMFCb77SR2SNUk6YTILBbVjd4K+Ab755zzpVjRDAAAAAElFTkSuQmCC" y="1313.9719"/><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="174.6" x="1618.2" y="1370.5383">Certificate repository</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="165.6" x="1622.7" y="1383.9592">[Go, Embedded Key-Value DB]</text></g><!--MD5=[c25eb3bb2a673e49b4700e0aa1b6b6c8]
+entity SignerClient--><g id="elem_SignerClient"><rect fill="#999999" height="76.6688" rx="2.25" ry="2.25" style="stroke:#8A8A8A;stroke-width:0.45;" width="188.1" x="266.85" y="6.3"/><text fill="#FFFFFF" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="100.8" x="310.5" y="25.3248">«external_system»</text><text fill="#FFFFFF" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="101.7" x="310.05" y="41.2383">Signer client</text><text fill="#FFFFFF" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="3.6" x="359.1" y="56.33"> </text><text fill="#FFFFFF" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="166.5" x="279.45" y="70.9972">Send commands to signer</text></g><!--MD5=[ff028a7ac4eed75d9278e76cd9053439]
+entity HSM--><g id="elem_HSM"><rect fill="#CCCCCC" height="89.2406" rx="2.25" ry="2.25" style="stroke:#BFBFBF;stroke-width:0.45;" width="190.8" x="224.1" y="1291.05"/><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="124.2" x="257.4" y="1310.0748">«external_component»</text><text fill="#000000" font-family="sans-serif" font-size="14.4" font-weight="bold" lengthAdjust="spacing" textLength="36.9" x="301.05" y="1325.9883">HSM</text><text fill="#000000" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="60.3" x="289.35" y="1339.4092">[PKCS#11]</text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="3.6" x="317.7" y="1353.6519"> </text><text fill="#000000" font-family="sans-serif" font-size="12.6" lengthAdjust="spacing" textLength="169.2" x="236.7" y="1368.319">Hardware security module</text></g><!--MD5=[c4211f20d77779d002d0636fe4eff351]
+link SignerClient to SerialHandler--><g id="link_SignerClient_SerialHandler"><path d="M360.9,82.989 C360.9,126.036 360.9,197.109 360.9,247.338 " fill="none" id="SignerClient-to-SerialHandler" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="360.9,254.592,363.6,247.392,358.2,247.392,360.9,254.592" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="390.15" y="120.7248">Uses</text><text fill="#666666" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="85.5" x="361.8" y="133.2967">[USB serial link]</text></g><!--MD5=[de40622977f577968ad15aec8c744a51]
+link SerialHandler to Framer--><g id="link_SerialHandler_Framer"><path d="M340.281,358.344 C331.623,379.773 321.579,404.622 312.939,425.997 " fill="none" id="SerialHandler-to-Framer" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="310.185,432.81,315.3885,427.1484,310.3827,425.1229,310.185,432.81" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="330.3" y="396.1248">Uses</text></g><!--MD5=[1211b684f0f4acfb9ea05d642655511a]
+link SerialHandler to ServerProtocol--><g id="link_SerialHandler_ServerProtocol"><path d="M402.669,358.344 C418.563,377.739 436.752,399.951 453.051,419.841 " fill="none" id="SerialHandler-to-ServerProtocol" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="457.812,425.655,455.3351,418.3753,451.1591,421.7989,457.812,425.655" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="435.6" y="396.1248">Uses</text></g><!--MD5=[eb969237a50a57975d692cb125e88891]
+link ServerProtocol to ProtocolHandler--><g id="link_ServerProtocol_ProtocolHandler"><path d="M499.5,529.344 C499.5,548.244 499.5,569.808 499.5,589.302 " fill="none" id="ServerProtocol-to-ProtocolHandler" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="499.5,596.655,502.2,589.455,496.8,589.455,499.5,596.655" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="500.4" y="567.1248">Uses</text></g><!--MD5=[6904b7103d89ba041a727edd177c7033]
+link ProtocolHandler to X509SigningHandler--><g id="link_ProtocolHandler_X509SigningHandler"><path d="M558.558,700.29 C584.325,722.502 614.601,748.62 640.971,771.354 " fill="none" id="ProtocolHandler-to-X509SigningHandler" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="646.533,776.16,642.847,769.4114,639.3184,773.4991,646.533,776.16" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="603.9" y="738.1248">Uses</text></g><!--MD5=[6e0d1b21c46cf0a1aeb331a2c465700e]
+link ProtocolHandler to X509CRLHandler--><g id="link_ProtocolHandler_X509CRLHandler"><path d="M446.112,700.29 C422.919,722.412 395.685,748.404 371.925,771.075 " fill="none" id="ProtocolHandler-to-X509CRLHandler" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="366.597,776.16,373.6678,773.1379,369.9372,769.2337,366.597,776.16" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="418.5" y="738.1248">Uses</text></g><!--MD5=[8bd9096c966b0786426f772de5ff586e]
+link ProtocolHandler to X509RevocationHandler--><g id="link_ProtocolHandler_X509RevocationHandler"><path d="M575.811,674.658 C640.368,696.861 734.823,731.223 814.5,767.7 C818.172,769.383 821.889,771.138 825.624,772.938 " fill="none" id="ProtocolHandler-to-X509RevocationHandler" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="832.374,776.241,827.0923,770.6523,824.7199,775.5032,832.374,776.241" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="747.9" y="738.1248">Uses</text></g><!--MD5=[7630a6f192d59137aef045c59458f3ad]
+link ProtocolHandler to OpenPGPSigningHandler--><g id="link_ProtocolHandler_OpenPGPSigningHandler"><path d="M423.432,678.825 C367.416,701.298 289.881,734.022 224.1,767.7 C220.977,769.302 217.818,770.958 214.641,772.659 " fill="none" id="ProtocolHandler-to-OpenPGPSigningHandler" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="208.098,776.214,215.7124,775.1409,213.1293,770.3988,208.098,776.214" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="306.9" y="738.1248">Uses</text></g><!--MD5=[dd0964938e0e2c1d6f26fa00fb2a70e5]
+link ProtocolHandler to HealthHandler--><g id="link_ProtocolHandler_HealthHandler"><path d="M499.5,700.29 C499.5,721.665 499.5,746.658 499.5,768.78 " fill="none" id="ProtocolHandler-to-HealthHandler" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="499.5,776.16,502.2,768.96,496.8,768.96,499.5,776.16" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="500.4" y="738.1248">Uses</text></g><!--MD5=[c03f96c452f26815ba38daf1adeb88ce]
+link X509SigningHandler to HSMAccess--><g id="link_X509SigningHandler_HSMAccess"><path d="M677.52,879.966 C662.283,902.655 641.277,927.36 615.6,941.4 C588.78,956.07 575.649,937.422 547.2,948.6 C481.68,974.358 418.59,1024.371 375.507,1063.692 " fill="none" id="X509SigningHandler-to-HSMAccess" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="370.089,1068.669,377.2159,1065.7816,373.56,1061.8074,370.089,1068.669" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="648" y="932.5248">Uses</text></g><!--MD5=[049c56c40f5ce55919cf848cfeae4412]
+link X509SigningHandler to SignerDB--><g id="link_X509SigningHandler_SignerDB"><path d="M703.953,880.029 C702.9,899.325 701.19,921.438 698.4,941.4 C692.955,980.334 683.694,1023.417 675.585,1057.473 " fill="none" id="X509SigningHandler-to-SignerDB" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="673.884,1064.601,678.1946,1058.2332,672.9447,1056.969,673.884,1064.601" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="39.6" x="702.9" y="932.5248">Writes</text></g><!--MD5=[82b942a05dde6d4abd870be92d5b79e1]
+link X509RevocationHandler to SignerDB--><g id="link_X509RevocationHandler_SignerDB"><path d="M840.087,879.831 C812.448,899.19 782.847,922.842 759.6,948.6 C730.332,981.027 705.519,1023.372 687.933,1057.815 " fill="none" id="X509RevocationHandler-to-SignerDB" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="684.513,1064.592,690.1646,1059.3776,685.3424,1056.9473,684.513,1064.592" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="39.6" x="792.9" y="932.5248">Writes</text></g><!--MD5=[f3fbeda310f19b6def0836f108fb90ae]
+link X509CRLHandler to HSMAccess--><g id="link_X509CRLHandler_HSMAccess"><path d="M292.59,879.804 C288.819,891.288 285.462,903.564 283.5,915.3 C275.256,964.665 286.569,1020.636 298.638,1061.496 " fill="none" id="X509CRLHandler-to-HSMAccess" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="300.735,1068.426,301.2234,1060.7519,296.057,1062.323,300.735,1068.426" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="284.4" y="932.5248">Uses</text></g><!--MD5=[1be83cc4a91ae3618c25e12be491020b]
+link X509CRLHandler to SignerDB--><g id="link_X509CRLHandler_SignerDB"><path d="M386.784,879.858 C391.959,882.846 397.161,885.69 402.3,888.3 C433.449,904.095 447.174,895.734 476.1,915.3 C491.85,925.956 559.26,1002.663 607.833,1058.958 " fill="none" id="X509CRLHandler-to-SignerDB" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="612.774,1064.682,610.1229,1057.4639,606.0304,1060.9869,612.774,1064.682" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="36.9" x="502.2" y="932.5248">Reads</text></g><!--MD5=[1531770e9c84b9a37109fc722a3e41bc]
+link OpenPGPSigningHandler to HSMAccess--><g id="link_OpenPGPSigningHandler_HSMAccess"><path d="M159.183,879.867 C193.365,930.987 245.898,1009.53 281.421,1062.666 " fill="none" id="OpenPGPSigningHandler-to-HSMAccess" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="285.453,1068.687,283.6946,1061.2012,279.2059,1064.2032,285.453,1068.687" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="200.7" y="932.5248">Uses</text></g><!--MD5=[5647650e77d9b601644db74356963c93]
+link OpenPGPSigningHandler to SignerDB--><g id="link_OpenPGPSigningHandler_SignerDB"><path d="M204.021,879.804 C210.672,882.99 217.404,885.879 224.1,888.3 C297.945,914.994 327.816,881.514 398.7,915.3 C414.297,922.734 414.234,930.33 427.5,941.4 C476.604,982.377 533.538,1026.126 578.745,1060.029 " fill="none" id="OpenPGPSigningHandler-to-SignerDB" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="584.766,1064.529,580.6167,1058.0549,577.3829,1062.3796,584.766,1064.529" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="39.6" x="428.4" y="932.5248">Writes</text></g><!--MD5=[01fcd97973dce0a15ca3f22ec6f9a33e]
+link HealthHandler to HSMAccess--><g id="link_HealthHandler_HSMAccess"><path d="M417.816,879.39 C412.587,882.441 407.385,885.438 402.3,888.3 C379.539,901.116 365.301,894.06 350.1,915.3 C319.914,957.483 314.073,1017.216 314.694,1061.199 " fill="none" id="HealthHandler-to-HSMAccess" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="314.865,1068.669,317.3972,1061.4083,311.9986,1061.5336,314.865,1068.669" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="43.2" x="351" y="932.5248">Checks</text></g><!--MD5=[8e666ca13f2e292cf801466daea72d33]
+link HealthHandler to SignerDB--><g id="link_HealthHandler_SignerDB"><path d="M530.271,879.84 C537.129,891.441 544.293,903.744 550.8,915.3 C577.566,962.838 606.564,1017.405 627.903,1058.175 " fill="none" id="HealthHandler-to-SignerDB" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="631.26,1064.601,630.3086,1056.9705,625.5259,1059.4776,631.26,1064.601" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="43.2" x="564.3" y="932.5248">Checks</text></g><!--MD5=[f6d0a255b9300fdc869edf618776ea20]
+link SyncHandler to SignerDB--><g id="link_SyncHandler_SignerDB"><path d="M1048.374,881.235 C1043.001,883.755 1037.61,886.122 1032.3,888.3 C950.472,921.771 927.585,925.623 840.6,941.4 C822.816,944.622 774.855,938.916 759.6,948.6 C720.432,973.449 694.809,1019.592 679.32,1057.689 " fill="none" id="SyncHandler-to-SignerDB" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="676.647,1064.457,681.809,1058.7576,676.7886,1056.7687,676.647,1064.457" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="958.5" y="932.5248">Uses</text></g><!--MD5=[ce0bb68167ca79996a54c04fb7a06609]
+link SyncHandler to NATS--><g id="link_SyncHandler_NATS"><path d="M1203.021,894.204 C1217.754,911.142 1232.631,929.898 1244.7,948.6 C1274.031,994.032 1297.854,1052.415 1310.994,1087.866 " fill="none" id="SyncHandler-NATS" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="1313.478,1094.643,1313.5326,1086.9536,1308.4631,1088.8137,1313.478,1094.643" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="1198.035,888.525,1200.76,895.7156,1204.8161,892.1508,1198.035,888.525" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="75.6" x="1242.45" y="926.2248">Synchronize</text><text fill="#666666" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="85.5" x="1237.5" y="938.7967">[NATS protocol]</text></g><!--MD5=[ac10af24f910bae24644d4ccf6ac738e]
+link NATS to NATS2--><g id="link_NATS_NATS2"><path d="M1345.383,1152.081 C1366.218,1179.135 1397.943,1219.356 1427.4,1252.8 C1442.889,1270.386 1460.997,1289.232 1475.991,1304.406 " fill="none" id="NATS-NATS2" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="1481.364,1309.824,1478.1997,1302.8156,1474.3717,1306.6244,1481.364,1309.824" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="1340.847,1146.177,1343.0912,1153.5318,1347.3739,1150.2427,1340.847,1146.177" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="75.6" x="1428.3" y="1237.6248">Synchronize</text><text fill="#666666" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="61.2" x="1435.5" y="1250.1967">[NATS/TLS]</text></g><!--MD5=[06c6604c5c35b105f23e33e7e3e4aba5]
+link SyncHandler2 to NATS2--><g id="link_SyncHandler2_NATS2"><path d="M1643.04,1186.362 C1606.959,1225.593 1562.661,1273.752 1534.527,1304.334 " fill="none" id="SyncHandler2-NATS2" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="1529.469,1309.842,1536.3264,1306.3627,1532.3478,1302.7116,1529.469,1309.842" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="1648.143,1180.818,1641.2814,1184.289,1645.2556,1187.9449,1648.143,1180.818" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="75.6" x="1610.55" y="1237.6248">Synchronize</text><text fill="#666666" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="85.5" x="1605.6" y="1250.1967">[NATS protocol]</text></g><!--MD5=[19a8c02a4a6c3e2efd241ec79f03fa40]
+link SyncHandler2 to SignerDB2--><g id="link_SyncHandler2_SignerDB2"><path d="M1703.556,1180.818 C1703.916,1209.339 1704.348,1243.512 1704.708,1272.402 " fill="none" id="SyncHandler2-to-SignerDB2" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="1704.807,1279.629,1707.4168,1272.3958,1702.0172,1272.4633,1704.807,1279.629" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="1704.6" y="1243.9248">Uses</text></g><!--MD5=[c3f60d65e94da5508ad0c196407a2043]
+link HSMAccess to HSM--><g id="link_HSMAccess_HSM"><path d="M319.5,1172.493 C319.5,1206.063 319.5,1249.83 319.5,1283.436 " fill="none" id="HSMAccess-to-HSM" style="stroke:#666666;stroke-width:0.9;"/><polygon fill="#666666" points="319.5,1290.879,322.2,1283.679,316.8,1283.679,319.5,1290.879" style="stroke:#666666;stroke-width:0.9;"/><text fill="#666666" font-family="sans-serif" font-size="10.8" font-weight="bold" lengthAdjust="spacing" textLength="28.8" x="336.15" y="1237.6248">Uses</text><text fill="#666666" font-family="sans-serif" font-size="10.8" font-style="italic" lengthAdjust="spacing" textLength="60.3" x="320.4" y="1250.1967">[PKCS#11]</text></g><!--MD5=[5a23765b41eba2fb33cbd44d9ccde792]
 @startuml
 !include <C4/C4_Component.puml>
 !include <tupadr3/font-awesome/database>
@@ -51,7 +55,9 @@ System_Ext(SignerClient, "Signer client", "Send commands to signer")
 
 System_Boundary(Signer, "Signer server") {
   Boundary(SignerSoftware, "Signer Software") {
-    Component(SerialHandler, "Serial link handler", "Go", "Reads and writes to the serial interface, parses and creates frames")
+    Component(SerialHandler, "Serial link handler", "Go", "Reads and writes to the serial interface")
+    Component(Framer, "Framer", "Go", "Parses and creates frames")
+    Component(ServerProtocol, "Server protocol", "Go", "Server protocol state machine")
     Component(ProtocolHandler, "Protocol handler", "Go", "Parses and creates protocol messages")
     Component(X509SigningHandler, "X.509 signing", "Go", "Handles X.509 certificate signing commands")
     Component(X509RevocationHandler, "X.509 revocation", "Go", "Handles X.509 certificate revocation commands")
@@ -63,7 +69,7 @@ System_Boundary(Signer, "Signer server") {
     ComponentDb(SignerDB, "Certificate repository", "Go, Embedded Key-Value DB", $sprite="database")
   }
 
-  ContainerQueue(NATS, "NATS Service", "NATS")
+  ComponentQueue(NATS, "NATS Service", "NATS")
 }
 
 System_Boundary(Signer2, "Other signer") {
@@ -72,14 +78,16 @@ System_Boundary(Signer2, "Other signer") {
     ComponentDb_Ext(SignerDB2, "Certificate repository", "Go, Embedded Key-Value DB", $sprite="database")
   }
 
-  ContainerQueue_Ext(NATS2, "NATS Service", "NATS")
+  ComponentQueue_Ext(NATS2, "NATS Service", "NATS")
 }
 
 Component_Ext(HSM, "HSM", "PKCS#11", "Hardware security module")
 
 Rel(SignerClient, SerialHandler, "Uses", "USB serial link")
 
-Rel(SerialHandler, ProtocolHandler, "Uses")
+Rel(SerialHandler, Framer, "Uses")
+Rel(SerialHandler, ServerProtocol, "Uses")
+Rel(ServerProtocol, ProtocolHandler, "Uses")
 
 Rel(ProtocolHandler, X509SigningHandler, "Uses")
 Rel(ProtocolHandler, X509CRLHandler, "Uses")
@@ -770,7 +778,9 @@ rectangle "==Signer client\n\n Send commands to signer" <<external_system>> as S
 
 rectangle "==Signer server\n<size:12>[System]</size>" <<boundary>> as Signer  {
   rectangle "==Signer Software" <<boundary>> as SignerSoftware  {
-    rectangle "==Serial link handler\n//<size:12>[Go]</size>//\n\n Reads and writes to the serial interface, parses and creates frames" <<component>> as SerialHandler 
+    rectangle "==Serial link handler\n//<size:12>[Go]</size>//\n\n Reads and writes to the serial interface" <<component>> as SerialHandler 
+    rectangle "==Framer\n//<size:12>[Go]</size>//\n\n Parses and creates frames" <<component>> as Framer 
+    rectangle "==Server protocol\n//<size:12>[Go]</size>//\n\n Server protocol state machine" <<component>> as ServerProtocol 
     rectangle "==Protocol handler\n//<size:12>[Go]</size>//\n\n Parses and creates protocol messages" <<component>> as ProtocolHandler 
     rectangle "==X.509 signing\n//<size:12>[Go]</size>//\n\n Handles X.509 certificate signing commands" <<component>> as X509SigningHandler 
     rectangle "==X.509 revocation\n//<size:12>[Go]</size>//\n\n Handles X.509 certificate revocation commands" <<component>> as X509RevocationHandler 
@@ -782,7 +792,7 @@ rectangle "==Signer server\n<size:12>[System]</size>" <<boundary>> as Signer  {
     database "<$database>\n==Certificate repository\n//<size:12>[Go, Embedded Key-Value DB]</size>//" <<component>> as SignerDB 
   }
 
-  queue "==NATS Service\n//<size:12>[NATS]</size>//" <<container>> as NATS 
+  queue "==NATS Service\n//<size:12>[NATS]</size>//" <<component>> as NATS 
 }
 
 rectangle "==Other signer\n<size:12>[System]</size>" <<boundary>> as Signer2  {
@@ -791,14 +801,16 @@ rectangle "==Other signer\n<size:12>[System]</size>" <<boundary>> as Signer2  {
     database "<$database>\n==Certificate repository\n//<size:12>[Go, Embedded Key-Value DB]</size>//" <<external_component>> as SignerDB2 
   }
 
-  queue "==NATS Service\n//<size:12>[NATS]</size>//" <<external_container>> as NATS2 
+  queue "==NATS Service\n//<size:12>[NATS]</size>//" <<external_component>> as NATS2 
 }
 
 rectangle "==HSM\n//<size:12>[PKCS#11]</size>//\n\n Hardware security module" <<external_component>> as HSM 
 
 SignerClient - ->> SerialHandler : **Uses**\n//<size:12>[USB serial link]</size>//
 
-SerialHandler - ->> ProtocolHandler : **Uses**
+SerialHandler - ->> Framer : **Uses**
+SerialHandler - ->> ServerProtocol : **Uses**
+ServerProtocol - ->> ProtocolHandler : **Uses**
 
 ProtocolHandler - ->> X509SigningHandler : **Uses**
 ProtocolHandler - ->> X509CRLHandler : **Uses**
@@ -832,7 +844,7 @@ HSMAccess - ->> HSM : **Uses**\n//<size:12>[PKCS#11]</size>//
 
 @enduml
 
-PlantUML version 1.2022.6(Tue Jun 21 19:34:49 CEST 2022)
+PlantUML version 1.2022.7(Mon Aug 22 19:01:30 CEST 2022)
 (GPL source distribution)
 Java Runtime: OpenJDK Runtime Environment
 JVM: OpenJDK 64-Bit Server VM