RE: How to send class info from RA to CA

Carlisle Adams <carlisle.adams@entrust.com> Wed, 21 March 2001 16:30 UTC

From: Carlisle Adams <carlisle.adams@entrust.com>
To: 'vivek saraf' <viveksaraf_2000@yahoo.com>
Cc: ietf-pkix@imc.org
Subject: RE: How to send class info from RA to CA
Date: Wed, 21 Mar 2001 11:25:14 -0500

Hi Vivek,

> ----------
> From: 	vivek saraf[SMTP:viveksaraf_2000@yahoo.com]
> Sent: 	Wednesday, March 21, 2001 5:08 AM
> To: 	ietf-pkix@imc.org
> Subject: 	How to send class info from RA to CA
> 
> Hello,
> 
>    I have a CA running which issues multiple classes
> of certificates. Now when RA requests a certificate
> for a user, the RA should specify the class for which
> it is requesting, but in the PKI message I don't find
> any field for sending the class information.
> 
> I have Free text in the PKI Header, if I use this it
> will not be interoperable.
> 
> Can anybody help me
 
How does the issued certificate indicate what class it is?  Is it by some
extension, or is it by an indicator somehow embedded in the name of the
subject or the issuer?  Whatever mechanism you choose to use, all you have
to do is use the same mechanism in the certTemplate in the request message
from the RA to the CA.  This is why the certTemplate exists; it allows the
requester to specify to the CA exactly the cert contents that are important
to them.

Carlisle.
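
One way the mechanism described in the reply could look on the wire, as an added example that is not part of the original thread. It assumes the class is indicated by a certificatePolicies extension and uses constructed placeholder policy OIDs; the function names are hypothetical. The RA side builds a CRMF CertTemplate containing only the extensions field, and the CA side maps the requested policy OID back to a class.

```python
CERT_POLICIES = "2.5.29.32"  # id-ce-certificatePolicies
CLASSES = {"1.3.6.1.4.1.99999.1.1": "class 1", "1.3.6.1.4.1.99999.1.2": "class 2"}  # constructed OIDs

def tlv(tag, body):
    n = len(body)
    size = (n.bit_length() + 7) // 8
    head = [n] if n < 0x80 else [0x80 | size, *n.to_bytes(size, "big")]
    return bytes([tag, *head]) + body

def oid_body(dotted):
    first, second, *rest = (int(a) for a in dotted.split("."))
    out = [first * 40 + second]          # valid for first arc 0 or 1, or 2 with a small second arc
    for arc in rest:
        chunk = [arc & 0x7F]             # base-128, high bit set on all but the last byte
        while arc := arc >> 7:
            chunk.insert(0, 0x80 | (arc & 0x7F))
        out += chunk
    return bytes(out)

def cert_template_for_class(policy_oid):  # RA side (assumed mapping: one policy OID per class)
    policies = tlv(0x30, tlv(0x30, tlv(0x06, oid_body(policy_oid))))  # SEQUENCE OF PolicyInformation
    ext = tlv(0x30, tlv(0x06, oid_body(CERT_POLICIES)) + tlv(0x04, policies))  # critical omitted (FALSE)
    return tlv(0x30, tlv(0xA9, ext))      # CertTemplate { extensions [9] IMPLICIT Extensions }

def items(buf):  # yield (tag, value) per TLV; raises if a value runs past the buffer
    pos = 0
    while pos < len(buf):
        tag, n, pos = buf[pos], buf[pos + 1], pos + 2
        if n & 0x80:
            k = n & 0x7F
            n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
        if pos + n > len(buf):
            raise ValueError("truncated DER")
        yield tag, buf[pos:pos + n]
        pos += n

def requested_classes(template_der):  # CA side: None marks a policy OID the CA does not know
    known = {oid_body(o): name for o, name in CLASSES.items()}
    (_, fields), = items(template_der)
    exts = [e for tag, v in items(fields) if tag == 0xA9 for _, e in items(v)]
    for ext in exts:
        (_, ext_id), *_, (_, value) = items(ext)   # extnID first, extnValue last
        if ext_id == oid_body(CERT_POLICIES):
            (_, seq), = items(value)
            return [known.get(next(items(pi))[1]) for _, pi in items(seq)]
    return []
```

A CA using this approach would still decide for itself whether the authenticated RA is allowed to request the class named in the template.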