1 - 4 - 6 - A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - Q - R - S - T - U - V - W - X
SignedData
Click on the red underlined text to get to the source
... Public key certification responses are based on the CMS signedData
object. The response may be either (a) a degenerate CMS signedData ...
... signedData
object. The response may be either (a) a degenerate CMS signedData
object (in the event no other services are needed), or (b) a
...
... services are needed), or (b) a
ResponseBody object wrapped in a CMS signedData object.
No special services ...
... Subject Public Key Info | | |
| (K_PUB) | | signedData contains one |
| Attributes | | or more certificates in |
...
... certificates" |
+-----------+-------------+ | portion of the |
| signed with | | signedData. |
| matching | | |
| K_PRIV | | encapsulatedContentInfo |
...
... CMS signedData | | CMS signedData |
| object | | object |
+----------------+--------+ +----------------+--------+
...
... certificates" portion |
| (OID, ANY defined by | | of the signedData. |
| OID) pairs. | | Relevant CA ...
... -- cmsSequence consists of a sequence of [CMS] message objects. This
protocol only uses EnvelopedData, SignedData and EncryptedData. See
section 3.6 for more details.
...
... -- cmsSequence consists of a sequence of [CMS] message objects. This
protocol only uses EnvelopedData, SignedData and EncryptedData. See
section 3.6 for more details.
...
... -- contentInfo contains a ContentInfo object (defined in [CMS]).
The three contents used in this location are SignedData,
EnvelopedData and Data.
...
... transport of unstructured data.
The SignedData object from [CMS] is also used in this specification
to provide for authentication ...
...
The signedData object is used in two different locations when
constructing enrollment messages. The signedData object is used as a
...
... The signedData object is used in two different locations when
constructing enrollment messages. The signedData object is used as a
wrapper for a PKIData as part of the enrollment request message ...
... wrapper for a PKIData as part of the enrollment request message. The
signedData object is also used as the outer part of an enrollment
response message.
...
... response message.
For the enrollment response the signedData wrapper allows the server
to sign the returning data, if any exists, and to carry the
...
... being returned beyond the certificates, no signerInfo objects are
placed in the signedData object.
...
... The Full Enrollment Request message consists of a PKIData object
wrapped in a signedData CMS object. The objects in the PKIData are
ordered as follows:
...
... the error badRequest with a bodyPartID of 0.
The signedData object wrapping the PKIData may be signed either by
the private key material of the signature ...
... request key is used for signing, there MUST be only one signerInfo
object in the signedData object.
When creating a message to renew a certificate ...
... response message. The simple enrollment response message consists of
a signedData object with no signerInfo objects on it. The
certificates requested are returned in the certificate ...
... certificates requested are returned in the certificate bag of the
signedData object.
Clients ...
...
The full enrollment response message consists of a signedData object
encapsulating a responseBody object. In a responseBody object all
Control Attributes MUST precede all CMS ...
... granted in an enrollment response are returned in the certificates
field of the immediately encapsulating signedData object.
Clients ...
... Confidentiality is provided by wrapping the PKI message (a signedData
object) in a CMS EnvelopedData object. The nested content type ...
... CMS EnvelopedData object. The nested content type in
the EnvelopedData is id-signedData. Note that this is different from
S/MIME where there is a MIME ...
... Normal Option 1 Option 2
------ -------- --------
SignedData EnvelopedData SignedData
PKIData SignedData ...
... ------ -------- --------
SignedData EnvelopedData SignedData
PKIData SignedData EnvelopedData
...
... PKIData SignedData EnvelopedData
PKIData SignedData
PKIData
...
... signature of the CMS
SignedData object containing all of the certificate requests.
Proof-of-possession ...
... certificate in the certificates field of a SignedData object. If the
get certificate attribute is the only control in a Full PKI ...
... service responding to the request will place the requested CRL in
the crls field of a SignedData object. If the get CRL attribute is
the only control in a full enrollment message, the response would be
...
... figure:
SignedData (by LRA)
PKIData
controlSequence
...