[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SCEP draft 19, getNextCA question / bug report

To: scep@xxxxxxxx
Subject: SCEP draft 19, getNextCA question / bug report
From: Arkadius Litwinczuk <arkadius.litwinczuk@xxxxxx>
Date: Thu, 24 Sep 2009 11:06:30 +0200
List-archive: <http://www.vpnc.org/scep/mail-archive/>
List-id: <scep.vpnc.org>
List-unsubscribe: <mailto:scep-request@vpnc.org?body=unsubscribe>
Sender: owner-scep@xxxxxxxxxxxxx

Hello List ,

I'm a student currently working on the implementation of a automatic root-key roll over for my Diploma work. Implementing the functionality into the open source projects openCA and SSCEP.
I wanted to use the SCEP draft 19 "getNextCA" message but I have one problem there, it is ambiguous at :

5.2.6.1. GetNextCACert Response
The response will have a Content-Type of "application/ x-x509-next-ca-cert". The body of this response consists of a SignedData PKCS#7 [RFC2315], as defined inSection 4.6.1. "Content-Type:application/x-x509-ca-ra-cert\n\n" <BER-encoded SignedData<BER-encoded degenerate PKCS7>> GetNextCaCert Example
I guess it's an copy and paste error, but should the response Content-Type be "application/x-x509-next-ca-cert" or a "application/x-x509-ca-ra-cert" ?
Also there is no difference if it's only a CA or a CA and RA in the respond I guess. It's a signed PKCS#7, signed by the CA or RA witha degenerate PKCS7 including the next CA /RA certificates.

Also since this draft expires on October when will be the new draft available ?

Kind regards from Germany,

Arkadius Litwinczuk

--

Informationen (einschließlich Pflichtangaben) zu einzelnen, innerhalb der EU tätigen Gesellschaften und Zweigniederlassungen des Konzerns Deutsche Bank finden Sie unter http://www.db.com/de/content/pflichtangaben.htm. Diese E-Mail enthält vertrauliche und/ oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail ist nicht gestattet.

Please refer to http://www.db.com/en/content/eu_disclosures.htm for information (including mandatory corporate particulars) on selected Deutsche Bank branches and group companies registered or incorporated in the European Union. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and delete this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden.

Follow-Ups:
- Re: SCEP draft 19, getNextCA question / bug report
  - From: max pritikin

Prev by Date: Re: Cisco and automatic renewal (signature with old certificate)
Next by Date: Re: SCEP draft 19, getNextCA question / bug report
Previous by thread: Cisco and automatic renewal (signature with old certificate)
Next by thread: Re: SCEP draft 19, getNextCA question / bug report
Index(es):
- Date
- Thread