(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-04-17 {
+ revision 2023-12-28 {
description
"Initial version";
reference
"Indicates that the server supports the
'cms-encrypted-data-format' identity.";
}
+
feature p10-csr-format {
description
"Indicates that the server implements support
scope of this specification. This is also true when
the octet string has been encrypted.";
}
+
identity one-symmetric-key-format {
if-feature "one-symmetric-key-format";
base symmetric-key-format;
Specification Version 1.7";
}
+
/***************************************************/
/* Typedefs for ASN.1 structures from RFC 2986 */
/***************************************************/
}
}
- grouping asymmetric-key-pair-grouping {
+ grouping private-key-grouping {
description
- "A private key and its associated public key. Implementations
- SHOULD ensure that the two keys are a matching pair.";
- uses public-key-grouping;
+ "A private key.";
leaf private-key-format {
nacm:default-deny-write;
type identityref {
}
}
+ grouping asymmetric-key-pair-grouping {
+ description
+ "A private key and, optionally, its associated public key.
+ Implementations SHOULD ensure that the two keys, when both
+ are specified, are a matching pair.";
+ uses public-key-grouping {
+ refine public-key-format {
+ mandatory false;
+ }
+ refine public-key {
+ mandatory false;
+ }
+ }
+ uses private-key-grouping;
+ }
+
grouping certificate-expiration-grouping {
description
"A notification for when a certificate is about to, or
uses certificate-expiration-grouping;
}
+
+
grouping generate-csr-grouping {
description
"Defines the 'generate-csr' action.";