I'm trying to understand who generates the 'KeyIdentifier' element in the
'KEKIdentifier' structure of the 'RecipientInfo' created by the client.

Is it the client?  The Plasma CMS Processing document, Page 8, describes
how the 'KeyIdentifier' is a randomly generated value (created by the
client?).

Is it the Plasma Server?  On Page 13 the KekIdentifier is a value that
matches the KEKIdentifier.KeyIdentifier value in the recipient info
information (I have read this to mean that the EPS-LockBox version must
match the KeyIdentifier in the envelopedData created by the client, meaning
the KeyIdentifier must be transported between client and Plasma Server).

From this I thought the client created the random value and passed it
across to the server inside the 'GetCMSToken' request. However, I can't see
this described in the request.  Is this missing from the request
documentation, or does this imply that the client has to extract the
KeyIdentifier from the EPS-KEK returned in the GetCMSToken response, but
this is encrypted and only the Plasma Server has access to this.  Or have I
misread this completely?

Alan.

Boldon James.
_______________________________________________
plasma mailing list
https://www.ietf.org/mailman/listinfo/plasma
