raVerified CMP requests
Overview
In a CMP environment where a Registration Authority (RA) is either modifying requests of an End-Entity (EE), or sending requests on behalf of an EE, there is a need for enabling the support for CMP requests which has 'raVerified' Proof-Of-Possession (POP). More information can be found in [CMP].
In CM, CMP can work in three different POP verification modes:
- client (default): allows signature based POP.
- ra: allows both raVerified and signature based POP.
- ra-strict allows only raVerified POP.