RFC Errata
RFC 7030, "Enrollment over Secure Transport", October 2013
Note: This RFC has been updated by RFC 8951, RFC 8996
Source of RFC: pkix (sec)
Errata ID: 5779
Status: Reported
Type: Editorial
Publication Format(s) : TEXT
Reported By: Simon Edänge
Date Reported: 2019-07-13
Section A.4 says:
Because the DecryptKeyIdentifier attribute is not included in this request, the response does not include additional encryption beyond the TLS session. The EST server response is: HTTP/1.1 200 OK Status: 200 OK Content-Type: multipart/mixed ; boundary=estServerExampleBoundary Content-Length: 3219 This is the preamble. It is to be ignored, though it is a handy place for estServer to include an explanatory note, including contact or support information. --estServerExampleBoundary Content-Type: application/pkcs8 Content-Transfer-Encoding: base64
It should say:
Because the DecryptKeyIdentifier attribute is not included in this request, the response does not include additional encryption beyond the TLS session. The EST server response is: HTTP/1.1 200 OK Status: 200 OK Content-Type: multipart/mixed; boundary=estServerExampleBoundary Content-Length: 3219 This is the preamble. It is to be ignored, though it is a handy place for estServer to include an explanatory note, including contact or support information. --estServerExampleBoundary Content-Type: application/pkcs8 Content-Transfer-Encoding: base64
Notes:
Content-Type: multipart/mixed ; boundary=estServerExampleBoundary
The ; has a space, believe it or not, we implemented it that way.
Content-Type: multipart/mixed; boundary=estServerExampleBoundary