Re: [pkcs11] Four PKCS #11 specifications from PKCS11 TC approved as Committee Specifications

[Jakub Jelen <jjelen@redhat.com>]

Hello all,
it looks like I noticed one more issue in the latest specs 3.0. The
templates for Edwards and Montgomery curves use keyType = CKK_EC
instead of the specific key types CKK_ED_EDWARDS and CKK_ED_MONTGOMERY
for these specific curves.

I was reading through that part several times, but noticed just today.

Whether this is for errata or for 3.1, it is probably up to discussion
for you.

Regards,
Jakub

On Fri, 2020-01-17 at 12:08 -0500, Paul Knight wrote:
> OASIS Members and other interested parties,
> 
> OASIS is pleased to announce that pleased to announce that four PKCS
> #11
> specifications from the OASIS PKCS 11 TC [1] have been approved as
> OASIS
> Committee Specifications:
> PKCS #11 Cryptographic Token Interface Base Specification Version 3.0
> PKCS #11 Cryptographic Token Interface Profiles Version 3.0
> PKCS #11 Cryptographic Token Interface Current Mechanisms
> Specification
> Version 3.0
> PKCS #11 Cryptographic Token Interface Historical Mechanisms
> Specification
> Version 3.0
> 
> The PKCS #11 specifications define a platform-independent API to
> cryptographic tokens, such as hardware security modules and smart
> cards.
> The API itself is named "Cryptoki" (from "cryptographic token
> interface"
> and pronounced as "crypto-key").
> 
> "Base Specification" defines data types, functions and other basic
> components of the PKCS #11 Cryptoki interface.
> "Profiles" is intended for developers and architects who wish to
> design
> systems and applications that conform to the PKCS #11 Cryptographic
> Token
> Interface standard.
> "Current Mechanisms" defines mechanisms that are anticipated for use
> with
> the current version of PKCS #11.
> "Historical Mechanisms" defines mechanisms for PKCS #11 that are no
> longer
> in general use.
> 
> These Committee Specifications are OASIS deliverables, completed and
> approved by the TC and fully ready for testing and implementation.
> 
> The prose specifications and related files are available here:
> *********************
> PKCS #11 Cryptographic Token Interface Base Specification Version 3.0
> Committee Specification 01
> 19 December 2019
> 
> Editable source (Authoritative):
> https://docs.oasis-open.org/pkcs11/pkcs11-base/v3.0/cs01/pkcs11-base-v3.0-cs01.docx
> HTML:
> https://docs.oasis-open.org/pkcs11/pkcs11-base/v3.0/cs01/pkcs11-base-v3.0-cs01.html
> PDF:
> https://docs.oasis-open.org/pkcs11/pkcs11-base/v3.0/cs01/pkcs11-base-v3.0-cs01.pdf
> PKCS #11 header files:
> https://docs.oasis-open.org/pkcs11/pkcs11-base/v3.0/cs01/include/
> *********************
> PKCS #11 Cryptographic Token Interface Profiles Version 3.0
> Committee Specification 01
> 19 December 2019
> 
> Editable source (Authoritative):
> https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.0/cs01/pkcs11-profiles-v3.0-cs01.docx
> HTML:
> https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.0/cs01/pkcs11-profiles-v3.0-cs01.html
> PDF:
> https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.0/cs01/pkcs11-profiles-v3.0-cs01.pdf
> PKCS #11 header files:
> https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.0/cs01/include/
> *********************
> PKCS #11 Cryptographic Token Interface Current Mechanisms
> Specification
> Version 3.0
> Committee Specification 01
> 19 December 2019
> 
> Editable source (Authoritative):
> https://docs.oasis-open.org/pkcs11/pkcs11-curr/v3.0/cs01/pkcs11-curr-v3.0-cs01.docx
> HTML:
> https://docs.oasis-open.org/pkcs11/pkcs11-curr/v3.0/cs01/pkcs11-curr-v3.0-cs01.html
> PDF:
> https://docs.oasis-open.org/pkcs11/pkcs11-curr/v3.0/cs01/pkcs11-curr-v3.0-cs01.pdf
> PKCS #11 header files:
> https://docs.oasis-open.org/pkcs11/pkcs11-curr/v3.0/cs01/include/
> *********************
> PKCS #11 Cryptographic Token Interface Historical Mechanisms
> Specification
> Version 3.0
> Committee Specification 01
> 19 December 2019
> 
> Editable source (Authoritative):
> https://docs.oasis-open.org/pkcs11/pkcs11-hist/v3.0/cs01/pkcs11-hist-v3.0-cs01.docx
> HTML:
> https://docs.oasis-open.org/pkcs11/pkcs11-hist/v3.0/cs01/pkcs11-hist-v3.0-cs01.html
> PDF:
> https://docs.oasis-open.org/pkcs11/pkcs11-hist/v3.0/cs01/pkcs11-hist-v3.0-cs01.pdf
> PKCS #11 header files:
> https://docs.oasis-open.org/pkcs11/pkcs11-hist/v3.0/cs01/include/
> *********************
> 
> For your convenience, OASIS provides a complete package of the
> specification document and any related files in ZIP distribution
> files. You
> can download the ZIP files at:
> "Base Specification":
> https://docs.oasis-open.org/pkcs11/pkcs11-base/v3.0/cs01/pkcs11-base-v3.0-cs01.zip
> "Profiles":
> https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.0/cs01/pkcs11-profiles-v3.0-cs01.zip
> "Current Mechanisms":
> https://docs.oasis-open.org/pkcs11/pkcs11-curr/v3.0/cs01/pkcs11-curr-v3.0-cs01.zip
> "Historical Mechanisms":
> https://docs.oasis-open.org/pkcs11/pkcs11-hist/v3.0/cs01/pkcs11-hist-v3.0-cs01.zip
> 
> Members of the PKCS11 TC [1] approved these specifications by Special
> Majority Vote. The specifications had been released for public review
> as
> required by the TC Process [2]. The vote to approve as Committee
> Specifications passed [3], and the documents are now available online
> in
> the OASIS Library as referenced above.
> 
> Our congratulations to the TC on achieving this milestone and our
> thanks to
> the reviewers who provided feedback on the specification drafts to
> help
> improve the quality of the work.
> 
> ========== Additional references:
> [1] OASIS PKCS 11 TC
> https://www.oasis-open.org/committees/pkcs11/
> 
> [2] Public review:
> * 30-day public review, 06 Jun 2019:
> https://lists.oasis-open.org/archives/pkcs11/201906/msg00010.html
> - Comment resolution log:
> https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.0/csprd01/pkcs11-profiles-v3.0-csprd01-comment-resolution-log.pdf
> 
> [3] Approval ballot:
> https://www.oasis-open.org/committees/ballot.php?id=3459
-- 
Jakub Jelen
Senior Software Engineer
Security Technologies
Red Hat, Inc.