kmip-comment message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Feedback on KMIP spec
- From: Bruce Rich <brich@us.ibm.com>
- To: kmip-comment@lists.oasis-open.org
- Date: Thu, 14 Jan 2010 10:17:33 -0600
I have the following issues with the
KMIP specification.
Section 4.24
Given that the operations required to
be supported have been delegated to the profile, all operations (save Query)
are now theoretically optional, so the Query Operations response must be
able to report all operations, not just the formerly optional operations
of Validate, Certify, Re-Certify, Notify and Put.
Additionally, it would be useful to
have Query report on which profiles are supported, as this would provide
clients a quick way to determine the minimum set of operations supported
by the server.
Section 11.21
The server will return an error result/reason
of OperationFailed/PermissionDenied if a destroy() is requested and the
object is not already deactivated. Failing destroy() seems an appropriate
response if the object were ACTIVE, but not if it were PREACTIVE. So
the request is to change the language to say "Object is not in a state
of PREACTIVE or DEACTIVATED". One might also argue that a new
reason of IllegalStateTransition would be more meaningful than PermissionDenied,
but that might require a more intrusive set of changes, so would recommend
against that new reason.
Table 45
The Cryptographic Domain Parameters
table (Table 45) lists an enumeration for the Recommended Curve, but no
reference is given for said enumeration. It might be 9.1.3.2.5, but
I'm guessing.
Bruce A Rich
brich at-sign us dot ibm dot com
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]