[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[IETF-PKIX] CMP question.

To: IETF-PKIX@xxxxxxxxxxxxxxxx
Subject: [IETF-PKIX] CMP question.
From: Jakob Bjerre Jensen <bjerre@xxxxxxxxxxxxxxx>
Date: Tue, 3 Mar 1998 14:38:26 +0100
Approved-by: Jakob Bjerre Jensen <bjerre@CRYPTOMATHIC.DK>
Reply-to: "IETF X.509-based public key infrastructure mailing list" <IETF-PKIX@xxxxxxxxxxxxxxxx>
Sender: "IETF X.509-based public key infrastructure mailing list" <IETF-PKIX@xxxxxxxxxxxxxxxx>

'Certificate Management Protocols' feb. '98, says that

    'Certification may only be requested for one locally
    generated public key (for more, use separate PKIMessages)'

But the body structure

CertReqMessages ::= SEQUENCE SIZE (1..MAX) OF CertReqMsg

CertReqMsg ::= SEQUENCE {
    certReq   CertRequest,
    ... }

CertRequest ::= SEQUENCE {
   ...
    certTemplate  CertTemplate,
   ... }

CertTemplate ::= SEQUENCE {
  ...
    publicKey    [6] SubjectPublicKeyInfo  OPTIONAL,
  ...}

seems to allow multiple requests for key certifications in the same
PKIMessage.

Could someone explain this to me?


- Jakob

Prev by Date: [IETF-PKIX] caPubs-field in CertRepMessage
Next by Date: Re: [IETF-PKIX] RFC 822 names in SubjectAltName and other extensions
Previous by thread: [IETF-PKIX] caPubs-field in CertRepMessage
Next by thread: Re: [IETF-PKIX] RFC 822 names in SubjectAltName and other extensions
Index(es):
- Date
- Thread