RFC 2797: Certificate Management Messages over CMS
RFC-Ref

CMS



... - The protocol is to be based as much as possible on the existing CMS, PKCS#10 and CRMF specifications. - The protocol must support the current industry practice of a ...


... services are needed), and (b) the PKCS10 or CRMF message wrapped in a CMS encapsulation as part of a PKIData object. ...
... Public key certification responses are based on the CMS signedData object. The response may be either (a) a degenerate CMS ...
... CMS signedData object. The response may be either (a) a degenerate CMS signedData object (in the event no other services ...
... object (in the event no other services are needed), or (b) a ResponseBody object wrapped in a CMS signedData object. ...
... This specification makes no assumptions about the underlying transport mechanism. The use of CMS is not meant to imply an email-based transport ...
... document as part of our management protocol. "CMS" refers to the Cryptographic Message Syntax RFC [CMS]. This ...
... "Transport wrapper" refers to the outermost CMS wrapping layer. ...
... +----------+ +------------------+ | PKCS #10 | | CMS "certs-only" | +----------+--------------+ | message | | | +------------------+------+ ...
... | Certificate Request | | | | | | CMS Signed Data, | | Subject ...
... +----------------+ +----------------+ | CMS signedData | | CMS signedData ...
... | CMS signedData | | CMS signedData | | object | | object | ...
... | <enrollment attribute>* | | <enrollment attribute>* | | <certification request>*| | <CMS object>* | | <CMS objects>* | | <other message>* | ...
... certification request>*| | <CMS object>* | | <CMS objects>* | | <other message>* | | <other message>* | | | | | | where * == zero or more | ...


... data objects to be carried as part of a message. This is intended to contain data that is not already wrapped in a CMS contentInfo object. The data is ignored unless a control attribute references the data by bodyPartId. ...


... Request message consists of a PKIData object wrapped in a signedData CMS object. The objects in the PKIData are ordered as follows: ...
... 2. All certification requests, 3. All CMS objects, 4. All other messages. ...
... signedData object encapsulating a responseBody object. In a responseBody object all Control Attributes MUST precede all CMS objects. The certificates granted in an enrollment response are returned in the certificates ...
... PKI message (a signedData object) in a CMS EnvelopedData object. The nested content type in the EnvelopedData is id-signedData ...


... identity information about the creator/author of the message is carried in the signature of the CMS SignedData object containing all of the certificate requests ...
... DN in (a) the certificate referenced by the CMS SignerInfo object, and (b) all certificate requests within the request message MUST match according to the ...
... } -- pkiDataBodyid field contains the body part id of the nested CMS body object containing the client's full request message ...


