A certification reply is an RFC 1421 MIC-ONLY or MIC-CLEAR privacy- enhanced message containing a new certificate, its certification path to the RFC 1422 Internet certification authority, and possibly other certificates. There is only one signer. The "MIC-Info:" field and encapsulated text are taken directly from the certification request. The reply has the same process type (MIC-ONLY or MIC-CLEAR) as the request.
Since the reply is an ordinary privacy-enhanced message, the new certificate can be inserted into the requestor's database during normal privacy-enhanced mail processing. The requestor can forward the reply to other requestors to disseminate the certificate.
Example:
To: requestor@host.domain From: cert-service@ca.domain -----BEGIN PRIVACY-ENHANCED MESSAGE----- Proc-Type: 4,MIC-ONLY Content-Domain: RFC822 Originator-Certificate: <requestor's new certificate> Issuer-Certificate: <issuer's certificate> MIC-Info: RSA,RSA-MD2,<requestor's signature on text> <text> -----END PRIVACY-ENHANCED MESSAGE-----