[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [kmip] Groups - KMIP-SP800-130-152.pdf uploaded
Chuck In Slide 7, last bullet you suggest adding new operations for Suspend/Re-activate and associated date attributes Instead of adding new operations one could leverage the Revoke operation to support this – We deferred support of the certificateHold and removeFromCRL revocation reasons from current KMIP versions mainly because we didn’t see folks using KMIP to support the suspending/unsuspending of public key certificates. But SP800-130 support could be used as justification for adding the certificateHold and removeFromCRL options to the revocation reason enumerations. If we leverage the Revoke operation in this way you could also leverage the existing Compromise Date to handle when the key was Suspended. This assume folks are not bothered by using an attribute named ‘compromise’ for something which is ‘suspended’. A new attribute to track when the key was reactivated would still need to be added – assuming you don’t want to overload Activation Date. Judy From: kmip@lists.oasis-open.org [mailto:kmip@lists.oasis-open.org] On Behalf Of Charles White Submitter's message
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]