Certificate Request Syntax

Document Type Expired Internet-Draft (smime WG)
Authors Hemma Prafullchandra  , Barbara Fox  , Xiaoyi Liu  , Michael Myers  , Jeff Weinstein 
Last updated 1997-11-26
Stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Expired & archived
plain text pdf htmlized bibtex
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document defines an Internet PKI Certificate Request Syntax (CRS). It addresses a growing need within the Internet PKI community for an interface to public key certification products and services based on PKCS7 [PKCS7] and PKCS10 [PKCS10]. A small number of additional services are defined to supplement the core certificate request service. Current industry practice regarding the use of PKCS7 and PKCS10 is also documented for the benefit of the Internet community. In general, the use of PKCS7 in this document is aligned to the Cryptographic Message Syntax [CMS] which provides a superset of the PKCS7 syntax. Throughout this document, the term CMS should be taken to include the PKCS #7 document as defined in [PKCS7]. The term CRS refers to this specification. The chief differences between CRS and PKIXMGMT are: - Use of PKCS7 for security encapsulation and transaction framework - Use of PKCS10 as the certification request message content - Certification of Diffie-Hellman Public Keys based on PKCS10 requests - No assumption of reliable connectivity or persistent on-line operation - Single request/response transaction model


Hemma Prafullchandra (hemma@eng.sun.com)
Barbara Fox (bfox@microsoft.com)
Xiaoyi Liu (xliu@cisco.com)
Michael Myers (mmyers@fastq.com)
Jeff Weinstein (jsw@netscape.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)