pkix-4----Page:6
1 2 3 4 5 6 7 8
|
Issue #4 Matt Cooper: Clarify that any MIME encoding of the type of file content is performed at the protocol layer and not embeded as part of the file content. Response: Text proposed on the mail list: "When the HTTP scheme is specified, the URI MUST specify the location of a certificate containing file. The file MUST contain either a single binary DER encoded certificate (indicated by the .cer file extension) or one or more certificates encapsulated in a CMS certs-only (PKCS#7) message [ref] (indicated by the .p7c file extension). HTTP server implementations accessed via the URI SHOULD use the appropriate MIME [ref] content-type for the certificate containing file. Specifically, the HTTP server SHOULD use the content-type application/pkix-cert [ref] for a single DER encoded certificate and application/pkcs7-mime [ref] for CMS certs-only (PKCS#7). Consuming clients may use the MIME type and file extension as a hint to the file content, but should not depend solely on the presence of the correct MIME type or file extension in the server response." |