Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The client has requested the disposition status of all CA signing certificates.
If the server implements the Signing_Cert Table, it MUST validate all the signing certificates stored in the Signing_Cert_Certificate column.
The server MUST return a byte array that contains the status. The value used MUST be one of the following.
|
Value |
Meaning |
|---|---|
|
CA_DISP_INCOMPLETE (0x00) |
The signing certificate is incomplete. |
|
CA_DISP_ERROR (0x01) |
The signing certificate is unavailable. |
|
CA_DISP_REVOKED (0x02) |
The signing certificate has been revoked. |
|
CA_DISP_VALID (0x03) |
The signing certificate is valid. |
|
CA_DISP_INVALID (0x04) |
The signing certificate has expired. |
The CA MUST return the byte array in a CERTTRANSBLOB (section 2.2.2.2) structure. The first byte MUST identify the status of the signing certificate in row 1 of the Signing_Cert table, and the second byte MUST identify the status of the signing certificate in the second row of the Signing_Cert table. Subsequent bytes MUST repeat this pattern so that byte n MUST contain the disposition of the signing certificate in row n.