%% You should probably cite draft-ietf-lamps-rfc7030-csrattrs-13 instead of this revision. @techreport{ietf-lamps-rfc7030-csrattrs-02, number = {draft-ietf-lamps-rfc7030-csrattrs-02}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-lamps-rfc7030-csrattrs/02/}, author = {Michael Richardson and Owen Friel and David von Oheimb and Dan Harkins}, title = {{Clarification of RFC7030 CSR Attributes definition}}, pagetotal = 9, year = 2023, month = apr, day = 9, abstract = {The Enrollment over Secure Transport (EST, RFC7030) is ambiguous in its specification of the CSR Attributes Response. This has resulted in implementation challenges and implementor confusion. This document updates RFC7030 (EST) and clarifies how the CSR Attributes Response can be used by an EST server to specify both CSR attribute OIDs and also CSR attribute values, in particular X.509 extension values, that the server expects the client to include in subsequent CSR request.}, }