Simple Certificate Enrollment Protocol (SCEP)
- Created
- 2020-03-25
- Last Updated
- 2020-11-06
- Available Formats
-
XML
HTML
Plain text
Registries included below
SCEP Message Types
- Registration Procedure(s)
-
Specification Required
- Expert(s)
-
Peter Gutmann
- Reference
- [RFC8894]
- Available Formats
-
CSV
| Value | Name | Description | Reference |
|---|---|---|---|
| 0 | Reserved | [RFC8894] | |
| 1-2 | Unassigned | ||
| 3 | CertRep | Response to certificate or CRL request. | [RFC8894] |
| 4-16 | Unassigned | ||
| 17 | RenewalReq | PKCS #10 certificate request authenticated with an existing certificate. | [RFC8894] |
| 18 | Unassigned | ||
| 19 | PKCSReq | PKCS #10 certificate request authenticated with a shared secret. | [RFC8894] |
| 20 | CertPoll | Certificate polling in manual enrolment. | [RFC8894] |
| 21 | GetCert | Retrieve a certificate. | [RFC8894] |
| 22 | GetCRL | Retrieve a CRL. | [RFC8894] |
| 23-255 | Unassigned |
SCEP CA Capabilities
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC8894]
- Available Formats
-
CSV
| Keyword | Description | Reference |
|---|---|---|
| AES | CA supports the AES128-CBC encryption algorithm. | [RFC8894] |
| DES3 | CA supports the triple DES-CBC encryption algorithm. | [RFC8894] |
| GetNextCACert | CA supports the GetNextCACert message. | [RFC8894] |
| POSTPKIOperation | CA supports PKIOPeration messages sent via HTTP POST. | [RFC8894] |
| Renewal | CA supports the Renewal CA operation. | [RFC8894] |
| SHA-1 | CA supports the SHA-1 hashing algorithm. | [RFC8894] |
| SHA-256 | CA supports the SHA-256 hashing algorithm. | [RFC8894] |
| SHA-512 | CA supports the SHA-512 hashing algorithm. | [RFC8894] |
| SCEPStandard | CA supports all mandatory-to-implement sections of the SCEP standard. This keyword implies "AES", "POSTPKIOperation", and "SHA-256", as well as the provisions of Section 2.9 of [RFC8894]. | [RFC8894] |