[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [pkcs11] Updated Proposal: Define CKA_CERTIFICATE_CATEGORY constants
Stef, I have a few questions:1) According the defined value below, it has 0UL, 1UL, 2UL, 3UL, that says they cannot coexist.
Would that be a good idea for it to be coexisted ? 0UL, 1UL, 2UL, 4UL ?2) I need some clarification of the term "CATEGORY", it does not seem to cover: Signing Certificate, Email Certificate...and etc. What is the definition of "CERTIFICATE_CATEGORY" here ? This term in seems to refer to the certificate's OWNERSHIP other than its category or types.
3) Should we also consider including Registration Authority (RA), self-signed cert, CA Trusted Root cert, and etc ?
Thanks, Oscar On 06/24/13 07:43 AM, Stef Walter wrote:
Changed to use 'CK_XXXX' instead of 'CKV_' for the constant prefix. This is similar to the new OTP constants and other other odds and ends constants we have. Cheers, Stef 9.4 Object types *** New item to be added | o CK_CERTIFICATE_CATEGORY | | CK_CERTIFICATE_CATEGORY is a value that identifies a certificate | category. It is defined as follows: | | typedef CK_ULONG CK_CERTIFICATE_CATEGORY; | | For this version of Cryptoki, the following certificate categories | are defined: | | |------------------------------------------------------------------| | | Constant |Value| Meaning | | |------------------------------------------------------------------| | | CK_CERTIFICATE_CATEGORY_UNSPECIFIED | 0UL | No category | | | | | specified | | | CK_CERTIFICATE_CATEGORY_TOKEN_USER | 1UL | Certificate belongs | | | | | to owner of the | | | | | token | | | CK_CERTIFICATE_CATEGORY_AUTHORITY | 2UL | Certificate belongs | | | | | to a certificate | | | | | authority | | | CK_CERTIFICATE_CATEGORY_OTHER_ENTITY | 3UL | Certificate belongs | | | | | to a an end entity | | | | | (ie: not a CA) | | |------------------------------------------------------------------| 10.6.2 Overview *** table row to be updated | CKA_CERTIFICATE_CATEGORY CK_CERTIFICATE_CATEGORY Categorization of | the certificate. | (default CK_CERTIFICATE_CATEGORY_UNSPECIFIED) A Manifest Constants *** Lines to be added | #define CK_CERTIFICATE_CATEGORY_UNSPECIFIED 0UL | #define CK_CERTIFICATE_CATEGORY_TOKEN_USER 1UL | #define CK_CERTIFICATE_CATEGORY_AUTHORITY 2UL | #define CK_CERTIFICATE_CATEGORY_OTHER_ENTITY 3UL --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
-- Best, Oscar
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]