- From: Stefan Lischke <lischke@googlemail.com>
- Date: Tue, 15 May 2007 18:22:37 +0200
- To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- CC: www-xkms@w3.org
Hi Stephen, Cause many Trustcenters only have simple HTTP p#10 web-interfaces. You send a p#10 request and get a signed certificate with p#7. So unfortunatly i have to use this format ;-( So any Ideas? btw. i'm new to all this security stuff, can you please explain CMS/CMP. Google won't help me with these abbreviations. ;-) Stefan Stephen Farrell schrieb: > > Why p#10 out of the xkms server? Using CMC (or even CMP) > would be more appropriate. > > Stephen. > > Stefan Lischke wrote: >> Hi, >> >> I have a question about the following use-case. Does anyone has any >> experiences or maybe done the same or has any ideas. >> >> An XKMS-Client sends an XKRSS-RegisterRequest for certification of an >> already created key-pair. This RegisterRequest is signed with the >> private key with XMLSig at the Client. Now this Request needs to be >> transformed to a PKCS10 Request at the XKMS-Server. But the PKCS10 >> Request must also be signed, but the XKMS-Server does not have the >> private key. >> >> Any Ideas? >> >> * Maybe send a sign-Request to the XKMS-Client to sign the created >> PKCS10? >> * Is there a way of sending PKCS10 Data inside XKMS? >> >> thanx in advance for any help or suggestion >> >> Stefan >> >> >> >> >> >
Received on Tuesday, 15 May 2007 16:22:42 UTC