Internet X.509 Public Key Infrastructure -- Certificate Management Protocol (CMP)
draft-ietf-lamps-rfc4210bis-07

The information below is for an old version of the document.
Document Type
This is an older version of an Internet-Draft whose latest revision state is "Active".
Expired & archived
Authors Hendrik Brockhaus , David von Oheimb , Mike Ounsworth , John Gray
Last updated 2023-12-29 (Latest revision 2023-06-19)
RFC stream Internet Engineering Task Force (IETF)
Formats
txt html xml htmlized pdf bibtex bibxml
Additional resources Mailing list discussion
Stream WG state WG Document
Associated WG milestones
Jul 2022
Adopt draft for rfc4210bis
Dec 2022
Send draft for rfc4210bis to IESG for standards track publication
Document shepherd (None)
IESG IESG state Expired
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)
Email authors Email WG IPR References Referenced by Nits Search email archive

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

txt html xml htmlized pdf bibtex bibxml

Abstract

This document describes the Internet X.509 Public Key Infrastructure (PKI) Certificate Management Protocol (CMP). Protocol messages are defined for X.509v3 certificate creation and management. CMP provides interactions between client systems and PKI components such as a Registration Authority (RA) and a Certification Authority (CA). This document obsoletes RFC 4210 by including the updates specified by CMP Updates [RFCAAAA] Section 2 and Appendix A.2 maintaining backward compatibility with CMP version 2 wherever possible and obsoletes both documents. Updates to CMP version 2 are: improving crypto agility, extending the polling mechanism, adding new general message types, and adding extended key usages to identify special CMP server authorizations. Introducing version 3 to be used only for changes to the ASN.1 syntax, which are: support of EnvelopedData instead of EncryptedValue and hashAlg for indicating a hash AlgorithmIdentifier in certConf messages. In addition to the changes specified in CMP Updates [RFCAAAA] this document adds support for management of KEM certificates.

Authors

Hendrik Brockhaus
David von Oheimb
Mike Ounsworth
John Gray

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)