2.4. New Section 5.1.1.3 - CertProfile

Section 5.1.1 of [RFC4210] defines the PKIHeader and id-it OIDs to be used in the generalInfo field. This section introduces id-it-certProfile.

Insert this section after Section 5.1.1.2 of [RFC4210]:

5.1.1.3. CertProfile

This is used by the EE to indicate specific certificate profiles, e.g., when requesting a new certificate or a certificate request template; see Section 5.3.19.16.

id-it-certProfile  OBJECT IDENTIFIER ::= {id-it 21}
CertProfileValue ::= SEQUENCE SIZE (1..MAX) OF UTF8String

When used in an ir/cr/kur/genm, the value MUST NOT contain more elements than the number of CertReqMsg or InfoTypeAndValue elements and the certificate profile names refer to the elements in the given order.

When used in a p10cr, the value MUST NOT contain multiple certificate profile names.

2.4. New Section 5.1.1.3 - CertProfile​

5.1.1.3. CertProfile​

2.4. New Section 5.1.1.3 - CertProfile

5.1.1.3. CertProfile