2.13. Replace Section 5.3.19.9 - Revocation Passphrase

Section 5.3.19.9 of [RFC4210] describes the provisioning of a revocation passphrase for authenticating a later revocation request. This document updates the handling by using the parent structure EncryptedKey instead of EncryptedValue to transport this information, as described in Section 2.7 above.

Replace the text of the section with the following text:

5.3.19.9. Revocation Passphrase

This MAY be used by the EE to send a passphrase to a CA/RA for the purpose of authenticating a later revocation request (in the case that the appropriate signing private key is no longer available to authenticate the request). See Appendix B for further details on the use of this mechanism.

GenMsg:    {id-it 12}, EncryptedKey
GenRep:    {id-it 12}, < absent >

The use of EncryptedKey is described in Section 5.2.2.

2.13. Replace Section 5.3.19.9 - Revocation Passphrase​

5.3.19.9. Revocation Passphrase​

2.13. Replace Section 5.3.19.9 - Revocation Passphrase

5.3.19.9. Revocation Passphrase