Deployment

During development an unprotected ALU is generally used. For deployment it is best practice to generate a protected (code and data is signed) or confidential (code and data is signed, data is encrypted) ALU. The process for generating these is described in the document GLDA.

The actual load certificates (ALCs) to be used must be obtained (from the MULTOS Key Management Authority (KMA)) specifying the final application details (including the code checksum) and application signing keys. You should specify a specific application ID (AID).

Delete certificates (ADCs) may be requested (required per device) by specifying the device serial numbers in an mcd-id-list file. See the section on enablement for instructions on how to obtain an mcd-id-list file for your device(s).