RFC 9480

Certificate Management Protocol (CMP) Updates, November 2023

File formats:

icon for HTML icon for text file icon for v3pdf icon for XML icon for inline errata
Also available: XML file for editing
RFC 4210, RFC 5912, RFC 6712
H. Brockhaus
D. von Oheimb
J. Gray
lamps (sec)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC9480

Discuss this RFC: Send questions or comments to the mailing list spasm@ietf.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 9480


This document contains a set of updates to the syntax of Certificate Management Protocol (CMP) version 2 and its HTTP transfer mechanism. This document updates RFCs 4210, 5912, and 6712.

The aspects of CMP updated in this document are using EnvelopedData instead of EncryptedValue, clarifying the handling of p10cr messages, improving the crypto agility, as well as adding new general message types, extended key usages to identify certificates for use with CMP, and well-known URI path segments.

CMP version 3 is introduced to enable signaling support of EnvelopedData instead of EncryptedValue and signal the use of an explicit hash AlgorithmIdentifier in certConf messages, as far as needed.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.

Advanced Search