rfc9811v1.txt   rfc9811.txt 
skipping to change at line 144 skipping to change at line 144
* Added options for extending the URI structure with further * Added options for extending the URI structure with further
segments and defined a new protocol registry group to that aim. segments and defined a new protocol registry group to that aim.
1.2. Changes Made by This Document 1.2. Changes Made by This Document
This document obsoletes [RFC6712]. It includes the changes specified This document obsoletes [RFC6712]. It includes the changes specified
in Section 3 of [RFC9480], as described in Section 1.1 of this in Section 3 of [RFC9480], as described in Section 1.1 of this
document. Additionally, it adds the following changes: document. Additionally, it adds the following changes:
* Removed the requirement to support HTTP/1.0 [RFC1945] in * Removed the requirement to support HTTP/1.0 [RFC1945] in
accordance with Section 4.1 of [RFC9205]. accordance with Section 4.1 of RFC 9205 [BCP56].
* Implementations MUST forward CMP messages when an HTTP error * Implementations MUST forward CMP messages when an HTTP error
status code occurs; see Section 3.1. status code occurs; see Section 3.1.
* Removed Section 3.8 of [RFC6712] as it contains information * Removed Section 3.8 of [RFC6712] as it contains information
redundant with current HTTP specification. redundant with current HTTP specification.
2. Conventions Used in This Document 2. Conventions Used in This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
skipping to change at line 174 skipping to change at line 174
SHOULD be utilized for conveying CMP messages. This specification SHOULD be utilized for conveying CMP messages. This specification
requires using the POST method (Section 3.1) and the "Content-Type" requires using the POST method (Section 3.1) and the "Content-Type"
header field (Section 3.2), which are available since HTTP/1.0 header field (Section 3.2), which are available since HTTP/1.0
[RFC1945]. [RFC1945].
Note: In some situations, CMP requires multiple request/response Note: In some situations, CMP requires multiple request/response
pairs to perform a PKI management operation. Their affiliation with pairs to perform a PKI management operation. Their affiliation with
a PKI management operation is indicated by a transaction identifier a PKI management operation is indicated by a transaction identifier
in the CMP message header (see transactionID described in in the CMP message header (see transactionID described in
Section 5.1.1 of [RFC9810]). For details on how to transfer multiple Section 5.1.1 of [RFC9810]). For details on how to transfer multiple
requests, see Section 4.11 of [RFC9205]. requests, see Section 4.11 of RFC 9205 [BCP56].
3.1. General Form 3.1. General Form
A DER-encoded [ITU.X690.1994] PKIMessage (Section 5.1 of [RFC9810]) A DER-encoded [ITU.X690.2021] PKIMessage (Section 5.1 of [RFC9810])
MUST be sent as the content of an HTTP POST request. If this HTTP MUST be sent as the content of an HTTP POST request. If this HTTP
request is successful, the server returns the CMP response in the request is successful, the server returns the CMP response in the
content of the HTTP response. The HTTP response status code in this content of the HTTP response. The HTTP response status code in this
case MUST be 200 (OK); other Successful 2xx status codes MUST NOT be case MUST be 200 (OK); other Successful 2xx status codes MUST NOT be
used for this purpose. HTTP responses to pushed CMP announcement used for this purpose. HTTP responses to pushed CMP announcement
messages described in Section 3.5 utilize the status codes 201 and messages described in Section 3.5 utilize the status codes 201 and
202 to identify whether the received information was processed. 202 to identify whether the received information was processed.
While Redirection 3xx status codes MAY be supported by While Redirection 3xx status codes MAY be supported by
implementations, clients should only be enabled to automatically implementations, clients should only be enabled to automatically
skipping to change at line 385 skipping to change at line 385
registry <https://www.iana.org/assignments/cmp> refers to this registry <https://www.iana.org/assignments/cmp> refers to this
document instead of [RFC9480]. document instead of [RFC9480].
No further action by IANA is necessary for this document or any No further action by IANA is necessary for this document or any
anticipated updates. anticipated updates.
7. References 7. References
7.1. Normative References 7.1. Normative References
[ITU.X690.2021]
ITU-T, "Information Technology - ASN.1 encoding rules:
Specification of Basic Encoding Rules (BER), Canonical
Encoding Rules (CER) and Distinguished Encoding Rules
(DER)", ITU-T Recommendation X.690, 2021,
<https://www.itu.int/rec/T-REC-X.690-202102-I/en>.
[RFC1945] Berners-Lee, T., Fielding, R., and H. Frystyk, "Hypertext [RFC1945] Berners-Lee, T., Fielding, R., and H. Frystyk, "Hypertext
Transfer Protocol -- HTTP/1.0", RFC 1945, Transfer Protocol -- HTTP/1.0", RFC 1945,
DOI 10.17487/RFC1945, May 1996, DOI 10.17487/RFC1945, May 1996,
<https://www.rfc-editor.org/info/rfc1945>. <https://www.rfc-editor.org/info/rfc1945>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8615] Nottingham, M., "Well-Known Uniform Resource Identifiers [RFC8615] Nottingham, M., "Well-Known Uniform Resource Identifiers
(URIs)", RFC 8615, DOI 10.17487/RFC8615, May 2019, (URIs)", RFC 8615, DOI 10.17487/RFC8615, May 2019,
<https://www.rfc-editor.org/info/rfc8615>. <https://www.rfc-editor.org/info/rfc8615>.
[RFC9110] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, [RFC9110] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
Ed., "HTTP Semantics", STD 97, RFC 9110, Ed., "HTTP Semantics", STD 97, RFC 9110,
DOI 10.17487/RFC9110, June 2022, DOI 10.17487/RFC9110, June 2022,
<https://www.rfc-editor.org/info/rfc9110>. <https://www.rfc-editor.org/info/rfc9110>.
[RFC9112] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, [RFC9112] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
Ed., "HTTP/1.1", STD 99, RFC 9112, DOI 10.17487/RFC9112, Ed., "HTTP/1.1", STD 99, RFC 9112, DOI 10.17487/RFC9112,
June 2022, <https://www.rfc-editor.org/info/rfc9112>. June 2022, <https://www.rfc-editor.org/info/rfc9112>.
[RFC9810] Brockhaus, H., von Oheimb, D., Ounsworth, M., and J. Gray, [RFC9810] Brockhaus, H., von Oheimb, D., Ounsworth, M., and J. Gray,
"Internet X.509 Public Key Infrastructure -- Certificate "Internet X.509 Public Key Infrastructure -- Certificate
Management Protocol (CMP)", RFC 9810, Management Protocol (CMP)", RFC 9810,
DOI 10.17487/RFC9810, July 2025, DOI 10.17487/RFC9810, July 2025,
<https://www.rfc-editor.org/info/rfc9810>. <https://www.rfc-editor.org/info/rfc9810>.
[ITU.X690.1994]
ITU-T, "Information Technology - ASN.1 encoding rules:
Specification of Basic Encoding Rules (BER), Canonical
Encoding Rules (CER) and Distinguished Encoding Rules
(DER)", ITU-T Recommendation X.690, 1994,
<https://www.itu.int/rec/T-REC-X.690-199407-S/en>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
7.2. Informative References 7.2. Informative References
[RFC9480] Brockhaus, H., von Oheimb, D., and J. Gray, "Certificate [BCP56] Best Current Practice 56,
Management Protocol (CMP) Updates", RFC 9480, <https://www.rfc-editor.org/info/bcp56>.
DOI 10.17487/RFC9480, November 2023, At the time of writing, this BCP comprises the following:
<https://www.rfc-editor.org/info/rfc9480>.
[RFC9483] Brockhaus, H., von Oheimb, D., and S. Fries, "Lightweight Nottingham, M., "Building Protocols with HTTP", BCP 56,
Certificate Management Protocol (CMP) Profile", RFC 9483, RFC 9205, DOI 10.17487/RFC9205, June 2022,
DOI 10.17487/RFC9483, November 2023, <https://www.rfc-editor.org/info/rfc9205>.
<https://www.rfc-editor.org/info/rfc9483>.
[RFC2510] Adams, C. and S. Farrell, "Internet X.509 Public Key [RFC2510] Adams, C. and S. Farrell, "Internet X.509 Public Key
Infrastructure Certificate Management Protocols", Infrastructure Certificate Management Protocols",
RFC 2510, DOI 10.17487/RFC2510, March 1999, RFC 2510, DOI 10.17487/RFC2510, March 1999,
<https://www.rfc-editor.org/info/rfc2510>. <https://www.rfc-editor.org/info/rfc2510>.
[RFC4210] Adams, C., Farrell, S., Kause, T., and T. Mononen, [RFC4210] Adams, C., Farrell, S., Kause, T., and T. Mononen,
"Internet X.509 Public Key Infrastructure Certificate "Internet X.509 Public Key Infrastructure Certificate
Management Protocol (CMP)", RFC 4210, Management Protocol (CMP)", RFC 4210,
DOI 10.17487/RFC4210, September 2005, DOI 10.17487/RFC4210, September 2005,
skipping to change at line 468 skipping to change at line 466
[RFC7296] Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., and T. [RFC7296] Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., and T.
Kivinen, "Internet Key Exchange Protocol Version 2 Kivinen, "Internet Key Exchange Protocol Version 2
(IKEv2)", STD 79, RFC 7296, DOI 10.17487/RFC7296, October (IKEv2)", STD 79, RFC 7296, DOI 10.17487/RFC7296, October
2014, <https://www.rfc-editor.org/info/rfc7296>. 2014, <https://www.rfc-editor.org/info/rfc7296>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>. <https://www.rfc-editor.org/info/rfc8446>.
[RFC9530] Polli, R. and L. Pardue, "Digest Fields", RFC 9530,
DOI 10.17487/RFC9530, February 2024,
<https://www.rfc-editor.org/info/rfc9530>.
[BCP56] Best Current Practice 56,
<https://www.rfc-editor.org/info/bcp56>.
At the time of writing, this BCP comprises the following:
Nottingham, M., "Building Protocols with HTTP", BCP 56,
RFC 9205, DOI 10.17487/RFC9205, June 2022,
<https://www.rfc-editor.org/info/rfc9205>.
[RFC9293] Eddy, W., Ed., "Transmission Control Protocol (TCP)", [RFC9293] Eddy, W., Ed., "Transmission Control Protocol (TCP)",
STD 7, RFC 9293, DOI 10.17487/RFC9293, August 2022, STD 7, RFC 9293, DOI 10.17487/RFC9293, August 2022,
<https://www.rfc-editor.org/info/rfc9293>. <https://www.rfc-editor.org/info/rfc9293>.
[RFC9480] Brockhaus, H., von Oheimb, D., and J. Gray, "Certificate
Management Protocol (CMP) Updates", RFC 9480,
DOI 10.17487/RFC9480, November 2023,
<https://www.rfc-editor.org/info/rfc9480>.
[RFC9483] Brockhaus, H., von Oheimb, D., and S. Fries, "Lightweight
Certificate Management Protocol (CMP) Profile", RFC 9483,
DOI 10.17487/RFC9483, November 2023,
<https://www.rfc-editor.org/info/rfc9483>.
[RFC9530] Polli, R. and L. Pardue, "Digest Fields", RFC 9530,
DOI 10.17487/RFC9530, February 2024,
<https://www.rfc-editor.org/info/rfc9530>.
Acknowledgements Acknowledgements
The authors wish to thank Tomi Kause and Martin Peylo, the original The authors wish to thank Tomi Kause and Martin Peylo, the original
authors of [RFC6712], for their work. authors of [RFC6712], for their work.
We also thank all reviewers for their valuable feedback. We also thank all reviewers for their valuable feedback.
Authors' Addresses Authors' Addresses
Hendrik Brockhaus Hendrik Brockhaus
 End of changes. 10 change blocks. 
39 lines changed or deleted 39 lines changed or added

This html diff was produced by rfcdiff 1.48.