profile
Click on the red underlined text to get to the source
... are the template fields which may be supplied for each certificate
requested (see Appendix B profiles for further information). This
message is intended to be used for entities first initializing into
the PKI ...
... public key for which a certificate is
required (see Appendix B profiles for further information).
See [CRMF ...
... the functionality described (perhaps via one of the transport
mechanisms defined in Section 5). This part is effectively the
profile of the PKI management functionality that MUST be supported.
...
... certificate" which is a
Certificate structure with the profile defined for the "newWithNew"
certificate issued following a root CA key update ...
... Appendix B. PKI Management Message Profiles. ...
...
This appendix contains detailed profiles for those PKIMessages which
MUST be supported by conforming implementations (see Section 4).
...
... MUST be supported by conforming implementations (see Section 4).
Profiles for the PKIMessages used in the following PKI management
operations are provided:
...
... <<Later versions of this document may extend the above to include
profiles for the operations listed below (along with other
operations, if desired).>>
...
... B1. General Rules for interpretation of these profiles. ...
...
1. Where OPTIONAL or DEFAULT fields are not mentioned in individual
profiles, they SHOULD be absent from the relevant message (i.e., a
receiver can validly reject a message containing such fields as
...
... DN).
This special value can be called a "NULL-GeneralName".
6. Where a profile omits to specify the value for a GeneralName
then the NULL-GeneralName value is to be present in the relevant
PKIMessage field. This occurs with the sender ...
... sender field of the
PKIHeader for some messages.
7. Where any ambiguity arises due to naming of fields, the profile
names these using a "dot" notation (e.g., "certTemplate.subject ...
... message to be sent by the initiating entity. This message is not
included in some of the profiles given since its body is NULL and
its header contents are clear from the context ...
...
Name: an identifier used for message profiles
Use: description of where and for what the algorithm is used
...
...
Profile of how a Certificate structure may be "self-signed". These
structures are used for distribution of "root ...
... B4. Proof of Possession Profile ...
... encryption key for which a certificate has been requested
does not use this profile; instead the method given in protectionAlg
for PKIConfirm in Section B8 is used.>>
...
...
POPOSigningKey present
-- see "Proof of possession profile" (Section B4)
protection present
...
... 9 handle conf
For this profile, we mandate that the end entity MUST include all
(i.e., one or two) CertReqMsg in a single PKIMessage and that the PKI ...
... authenticated.
The profile for this exchange is identical to that given in Section
B8 with the following exceptions:
...
... authenticated.
The profile for this exchange is identical to that given in Section
B8 with the following exceptions:
...