OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: pkcs11_kem_draft3 comments

1.3.1:

 

C_DecapsuslateKey -> C_DecapsulateKey

 

Suggest moving the CKA_LOCAL and CKA_UNIQUE_ID sentences to where CKA_ALWAYS_SENSITIVE, CKA_NEVER_EXTRACTABLE, and CKA_EXTRACTABLE the statements are located. Something like:

The new key will have:

  • the CKA_ALWAYS_SENSITIVE attribute set to CK_FALSE,
  • the CKA_NEVER_EXTRACTABLE attribute set to CK_FALSE,
  • the CKA_EXTRACTABLE attribute set to the value in the input template with a default of CK_TRUE if not provided,
  • the CKA_LOCAL attribute set to CK_FALSE, and
  • the CKA_UNIQUE_ID attribute generated and assigned per Section 4.4.1.

 

CKA_UNIQUE_ID should be in bold

 

Suggest moving “If a call to C_DecapsulateKey cannot support the precise template supplied to it, it will fail and return without creating any key object.” Above the description of what the resulting key attributes should be so that there’s some logical flow:

  • Input is X, Y, and Z
  • If input is bad, do A
  • On success, the output shall be B
  • Additional information

 

Rather than saying “if pCiphertext is not big enough…” can we just say “uses the convention described in Section 5.2 on producing output.”

 

 

1.3.2

 

C_EncapsulatesKey -> C_EncapsulateKey (there’s an ‘s’ at the end of Encapsulates that should be removed)

 

CKA_UNIQUE_ID should be in bold

 

Sincerely,

Jonathan

 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]