Clarification and Enhancement of the CSR Attributes Definition in RFC 7030
RFC 9908

Received changes through RFC Editor sync (created document RFC 9908, created became rfc relationship between draft-ietf-lamps-rfc7030-csrattrs and RFC 9908, set title to 'Clarification and Enhancement of the CSR Attributes Definition in RFC 7030', set abstract to 'This document updates RFC 7030, "Enrollment over Secure Transport" (EST), clarifying how the Certificate Signing Request (CSR) Attributes Response can be used by an EST server to specify both CSR attribute Object Identifiers (OIDs) and CSR attribute values, particularly X.509 extension values, that the server expects the client to include in a subsequent CSR request. RFC 9148 is derived from RFC 7030 and is also updated.

RFC 7030 is ambiguous in its specification of the CSR Attributes Response. This has resulted in implementation challenges and implementor confusion because there was no universal understanding of what was specified. This document clarifies the encoding rules.

This document also provides a new straightforward approach: using a template for CSR contents that may be partially filled in by the server. This also allows an EST server to specify a subject Distinguished Name (DN).', set pages to 22, set standardization level to Proposed Standard, added RFC published event at 2026-01-06, created updates relation between RFC 9908 and RFC 7030, created updates relation between RFC 9908 and RFC 9148)