Nonce-based Freshness for Attestation in Certification Requests for use with the Certification Management Protocol
draft-tschofenig-lamps-nonce-for-cmp-01
Document | Type |
Replaced Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Authors | Hannes Tschofenig , Hendrik Brockhaus | ||
Last updated | 2023-08-01 | ||
Replaced by | draft-tschofenig-lamps-nonce-cmp-est | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Replaced by draft-tschofenig-lamps-nonce-cmp-est | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
Certificate Management Protocol (CMP) defines protocol messages for X.509v3 certificate creation and management. CMP provides interactions between client systems and PKI components, such as a Registration Authority (RA) and a Certification Authority (CA). CMP allows an RA/CA to inform an end entity about the information it has to provide in a certification request. When an end entity places attestation information in form of evidence in a certification signing request (CSR) it may need to demonstrate freshness of the provided evidence. Attestation technology today often accomplishes this task via the help of nonces. This document specifies how nonces are provided by an RA/CA to the end entity for inclusion in evidence.
Authors
Hannes Tschofenig
Hendrik Brockhaus
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)