2.27. Update Appendix C - Request Message Behavioral Clarifications

2.27. Update Appendix C - Request Message Behavioral Clarifications

Appendix C of [RFC4210] provides clarifications to the request message behavior. As this document updates [RFC4210] to utilize the parent structure EncryptedKey instead of EncryptedValue as described in Section 2.7 above, the description is updated accordingly.

Replace the comment within the ASN.1 syntax coming after the definition of POPOSigningKey with the following text (Note: This fixes Errata ID 2615):

-- **********
-- * For the purposes of this specification, the ASN.1 comment
-- * given in [RFC4211] pertains not only to certTemplate but
-- * also to the altCertTemplate control.
-- **********
-- * The signature (using "algorithmIdentifier") is on the
-- * DER-encoded value of poposkInput (i.e., the "value" OCTETs
-- * of the POPOSigningKeyInput DER).  NOTE: If CertReqMsg
-- * certReq certTemplate (or the altCertTemplate control)
-- * contains the subject and publicKey values, then poposkInput
-- * MUST be omitted and the signature MUST be computed on the
-- * DER-encoded value of CertReqMsg certReq (or the DER-
-- * encoded value of AltCertTemplate).  If
-- * certTemplate/altCertTemplate does not contain both the
-- * subject and public key values (i.e., if it contains only
-- * one of these or neither), then poposkInput MUST be present
-- * and MUST be signed.
-- **********

Replace the ASN.1 syntax of POPOPrivKey with the following text:

POPOPrivKey ::= CHOICE {
    thisMessage       [0] BIT STRING,   -- deprecated
    subsequentMessage [1] SubsequentMessage,
    dhMAC             [2] BIT STRING,   -- deprecated
    agreeMAC          [3] PKMACValue,
    encryptedKey      [4] EnvelopedData }

-- **********
-- * When using CMP V2, the encrypted value MUST be transferred in
-- * the thisMessage field that is given as BIT STRING in [RFC4211],
-- * but it requires EncryptedValue. Therefore, this document makes
-- * the behavioral clarification for CMP V2 of specifying that the
-- * contents of "thisMessage" MUST be encoded as an
-- * EncryptedValue and then wrapped in a BIT STRING.
-- * When using CMP V3, the encrypted value MUST be transferred
-- * in the encryptedKey field, as specified in Section 5.2.2.
-- **********