[Pki-users] CErtificate profile validation

Hi, Had a question on where certificate profile validation takes places when the user sends the enrollment to the RA and RA sends it to the CA. The authentication selected in the cert profile created at the CA is raCert. In this scenario is it assumed that the RA does all verification of the CSR against the profile? In other words, is it the repsonsibility of the RA to check for fields to be present in the CSR and their current values as specified in the cert profile? Also will the CA add the fields specified in the cert profile that have to be inserted by the CA such as Subject KEy Identifier, Authority Key Identifier, etc. ? thanks, Shanthi Thomas Advanced Technology & Research, Government & Public Safety, Schaumburg, IL, USA desk: 847-576-2499 cell: 224-715-6904