[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ekmi] Groups - SKSML Requirements (SKSML-Requirements.odt)uploaded
Mike, I will review these documents, although this will take a little time - they're fairly lengthy. However, I would like to make a point that if SKSML, with its layered protocols of Web Services Security (WSS), XML Signature and XML Encryption address the spirit of the NIST recommendations, then we should forge ahead and prove to NIST that we have addressed the security concerns. If you have a summary of these documents that describe the security principles that NIST recommends, that will make it significantly easier for us to discuss and move forward. Thanks for bringing these to our attention. Arshad Noor StrongAuth, Inc. Mike Nelson wrote: > Arshad, > > Would you see it as appropriate to include in item IV (use of existing > standards) a reference to a requirement to meet, at a minimum, the criteria > established by NIST (see links below)? If not here, I think we need to > factor the criteria into the end product in some way as it is becoming the > benchmark against which assurances of control effectiveness are measured. > > <http://csrc.nist.gov/publications/nistpubs/800-56A/sp800-56A_May-3-06.pdf> > > <http://csrc.nist.gov/publications/nistpubs/800-57/SP800-57-Part1.pdf> > > <http://csrc.nist.gov/publications/nistpubs/800-57/SP800-57-Part2.pdf> > > > On 2/16/07 3:19 AM, "arshad.noor@strongauth.com" > <arshad.noor@strongauth.com> wrote: > > >>Please review for discussion. Thank you. > > > -- Arshad Noor* > > The document > >>named SKSML Requirements (SKSML-Requirements.odt) has been > > submitted by Arshad > >>Noor* to the EKMI Symmetric Key Services Markup > > Language (SKSML) SC document > >>repository. > > > Document Description: > This document (ODF) describes the > >>requirements for the Symmetric Key > > Services Markup Language. > > View Document > >>Details: > > http://www.oasis-open.org/apps/org/workgroup/ekmi-sksml/document.php? > >>document_id=22478 > > > Download Document: > > http://www.oasis-open.org/apps/org/workgroup/ekmi-sksml/download.php/22478/SK > >>SML-Requirements.odt > > > > PLEASE NOTE: If the above links do not work for you, > >>your email application > > may be breaking the link into two pieces. You may be > >>able to copy and paste > > the entire link address into the address field of your > >>web browser. > > > -OASIS Open Administration > > > > > -- > Mike Nelson, CAP, CISA, CISM, CISSP, ITIL > mnelson@securenet-technologies.com or mrfisma@gmail.com > www.securenet-technologies.com or www.fisma.us > blog: mrfisma.blogspot.com > > > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]