Technical Summary
This document contains a set of updates to the syntax and transfer of
Certificate Management Protocol (CMP) version 2. This document
updates RFC 4210, RFC 5912, and RFC 6712.
The aspects of CMP updated in this document are the use of
EnvelopedData instead of EncryptedValue, clarified handling of p10cr
messages, improved crypto agility, and the addition of new general
message types, extended key usages to identify certificates for use
with CMP, and well-known URI path segments.
To properly differentiate support for EnvelopedData from support for
EncryptedValue, CMP version 3 is introduced for transactions that are
supposed to use EnvelopedData.
CMP version 3 is introduced to enable signaling support of
EnvelopedData instead of EncryptedValue and signaling the use of an
explicit hash AlgorithmIdentifier in certConf messages, as far as
needed.
Working Group Summary
There is consensus for this document in the LAMPS WG.
The scope of the changes made in the document was larger than was originally anticipated.
The "well-known" mechanism was refined after expert review.
Document Quality
Vendors with CMP implementations have indicated that they intend to
support the updated syntax, and at least one open source effort is
underway.
Personnel
Russ Housley is the document shepherd.
Roman Danyliw is the responsible area director.