I am trying to check a use-case against the possibility of using the Certificate Managing Protocol for requesting User-Certificates.
I understand that an entity can use an Initial Request (IR) to request a new "entry" into the CA its talking to and, either by providing its own private key or requesting a new one, can obtain a certificate.
Now my question is:
Can this be done for any number of certificate holders?
The use-case would be a smartcard-management server that is authorized to request certificates for each new user who needs a smartcard-certificate from the CA using THAT users private key and a CSR-File via CMP?
