updated definition of CSR

[ghost]

According to the definition, a CSR contains a private key. Based on my experience, it includes a public key. The private key of the applicant is never shared with the registration authority.

[cronical]

This seems correct to me and, if confirmed, fixes a substantive error. But I don’t claim expert status here. Please confirm with author. Would also like to get identity-focus to put his or her eagle eyes on more material.

[hlflanagan]

This has been fixed in the bok.idpro.org version. Thank you for catching this!