On 27 Oct 2012, at 2:18 PM, "Stefan H. Holek" <ste...@epy.co.at> wrote:
>> I understand as per RFC2585 that the MIME type for a CRL is >> application/pkix-crl, but I am struggling to figure out whether there is a >> way to specify using MIME types and/or content negotiation whether the CRL >> is PEM encoded or DER encoded. >> >> Is there a Content-Encoding for PEM specified somewhere? >> >> Would "Content-Encoding: base64" be good enough, or should this be >> "Content-Encoding: x-base64"? (Or perhaps "pem" or "x-pem"). > > The same RFC also says that CRLs must be DER encoded: > http://tools.ietf.org/html/rfc2585.html#section-3 The section you quote refers to the content of files with the extensions .cer and .crl, it doesn't refer to HTTP: For convenience, the names of files that contain certificates should have a suffix of ".cer". Each ".cer" file contains exactly one certificate, encoded in DER format. Likewise, the names of files that contain CRLs should have a suffix of ".crl". Each ".crl" file contains exactly one CRL, encoded in DER format. Section 4.1 says: Encoding considerations: will be none for 8-bit transports and most likely Base64 for SMTP or other 7-bit transports What I'm after is how to interpret section 4.1 in the context of HTTP content negotiation. Regards, Graham --
smime.p7s
Description: S/MIME cryptographic signature
