[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: Approval of document for submission to IEEE 1619.3 WG
Thank you, Matt. You are absolutely correct about the discrepancy. My confusion between ASCII-encoded decimals and binary caused the error. My apologies. The GKID, as specified in SKSML, is an ASCII-encoded decimal, with a maximum length of 62-bytes*: 20-bytes for DID (max value: 18446744073709551615) 20-bytes for SID (max value: 18446744073709551615) 20-bytes for KID (max value: 18446744073709551615) 2 hyphens The URI, as defined in IEEE 1619.3 WG document, is 68-bytes after it includes the "ek://" prefix and the trailing "/". I do need to point out that SKSML only specifies GKID as a string with a maximum length of 62-bytes in the DID-SID-KID format. Since the 1619.3 WG is planning on working with multiple KMs and has a need to distinguish between different KM formats, we are assuming that the use of the IEEE URI format ("ek://DID-SID-KID/") is anticipated to be supported only by IEEE-compliant applications. Please correct me if this assumption is incorrect. I will update our submission document and send out the new link. Thanks for the clarification. Arshad Noor StrongAuth, Inc. * The current DRAFT specification of SKSML does not include the Domain ID (DID). I am in the process of updating it, and will be uploading it to the OASIS repository within the next 2-3 weeks. I will notify you when it is uploaded. Matt Ball wrote: > Hi Group, > > I would like to thank Arshad Noor and the rest of the EKMI group for > helping provide an EKMI namespace proposal for the P1619.3 group. You > can find the proposal at this link: > > http://www.oasis-open.org/committees/download.php/25671/P1619.3%20Name%20Space%20Subgroup%20Proposal%202007-08-24-Modified%20by%20AN-2007-10-11.doc > > According to the proposal, an EKMI key identifier consists of the > concatenation of three parts: > > 1. Domain Identifier (DID): An 8-byte Private Enterprise Number (PEN) > assigned by IANA > 2. Server Identifier (SID): An 8-byte locally-assigned value that > identifies a particular key manager within the scope of the DID > 3. Key Identifier (KID): An 8-byte locally-assigned value that > identifiers a particular key within the scope of the key manager > and DID. > > The concatenate of all three of these fields, separated by hyphens (0x2D > ASCII) forms the EKMI Global Key Identifier (GKID), for a total of 27 > bytes (according to the proposal). > > Examples of an EKMI GKID: > > * ek://0-0-0/ > * ek://10514-22-344342232/ > ** > * ek://18446744073709551615-18446744073709551615-18446744073709551615/ > > Commentary: There's a minor discrepancy in this draft, where it's > unclear whether the GKID is represented in binary or ASCII-encoded > decimal. Based on the examples, I'm assuming that the representation is > decimal, and that the actual size of the GKID is 20 characters, for a > range of 0 to 2^64-1 (8 binary bytes). With this minor change, the > maximum size of the EKMI GKID becomes: > > 5 bytes for prefix ('ek://') > 3 * 20 bytes for each of DID, SID, and KID > 2 hyphens > 1 trailing slash > > total = 68 bytes > > > After we get this minor clarification, I was hoping Bob Lockhart could > incorporation this proposal into the latest NameSpace document. I can > help as well, if needed. > > We can discuss this proposal (among others) at the Jan 14th face-to-face > meeting in Santa Ana. > > Thanks! > -Matt > > On Dec 16, 2007 7:46 PM, Arshad Noor < arshad.noor@strongauth.com > <mailto:arshad.noor@strongauth.com>> wrote: > > The ballot to approve the submission of EKMI TC's input into > the IEEE 1619.3 WG's work on their protocol, succeeded with > 5 of 8 TC voting members voting "Yes". Ballot details are at: > > http://www.oasis-open.org/apps/org/workgroup/ekmi/ballot.php?id=1399 > > This document (at the following URL) is now being sent to > the Chair of the IEEE WG: > > http://www.oasis-open.org/committees/download.php/25671/P1619.3%20Name%20Space%20Subgroup%20Proposal%202007-08-24-Modified%20by%20AN-2007-10-11.doc > > Matt, please find enclosed the EKMI TC's input into your WG > efforts. My apologies for the latency, but as Chair of your > own WG, I'm sure you understand that process takes precedence > over expedience in such matters. > > If you have any questions, please don't hesitate to contact me. > > Regards, > > Arshad Noor > StrongAuth, Inc. > > > > > -- > Thanks! > Matt Ball > IEEE SISWG Chair > 303-717-2717 > http://www.linkedin.com/in/matthewvball
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]