RFC 2511 (rfc2511) - Page 1 of 25
Internet X
Alternative Format: Original Text Document
Network Working Group M. Myers
Request for Comments: 2511 VeriSign
Category: Standards Track C. Adams
Entrust Technologies
D. Solo
Citicorp
D. Kemp
DoD
March 1999
Internet X.509 Certificate Request Message Format
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1999). All Rights Reserved.
1. Abstract
This document describes the Certificate Request Message Format
(CRMF). This syntax is used to convey a request for a certificate to
a Certification Authority (CA) (possibly via a Registration Authority
(RA)) for the purposes of X.509 certificate production. The request
will typically include a public key and associated registration
information.
The key words "MUST", "REQUIRED", "SHOULD", "RECOMMENDED", and "MAY"
in this document (in uppercase, as shown) are to be interpreted as
described in RFC 2119.
2. Overview
Construction of a certification request involves the following steps:
a) A CertRequest value is constructed. This value may include the
public key, all or a portion of the end-entity's (EE's) name,
other requested certificate fields, and additional control
information related to the registration process.
Myers, et. al. Standards Track