RFC 7030, "Enrollment over Secure Transport", October 2013Source of RFC: pkix (sec)
Errata ID: 5107
Publication Format(s) : TEXT
Reported By: Sean Turner
Date Reported: 2017-09-07
Section 3.2.1 says:
It should say:
Add the following is as the last paragraph of Section 3.2.1: [RFC2616] indicates "HTTP does not use the Content-Transfer-Encoding (CTE) field of RFC 2045”; nevertheless, this document was published specifying the use of the Content-Transfer-Encoding header with a value of ‘base64' in Sections 4.1.3, 4.3.1, 4.3.2, 4.4.2, 4.5.2, as well as in the examples in Appendices A.1-A.4. As HTTP is binary-clean transport, there is no need to indicate this for HTTP-based protocols like EST. EST server implementations SHOULD omit the Content-Transfer-Encoding header if they know a priori that EST clients do not rely this field. EST Clients SHOULD expect that the Content-Transfer-Encoding header will be absent unless they have an a priori agreement with the EST server. The mechanism to establish this client dependency is out-of-scope.
EST, which is an HTTP-based protocol, erroneous used CTE. This errata addresses this error.
Note that the text was reviewed by a RAI AD as well as multiple EST implementors.