[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Charter questions
I have a number of questions regarding the current (2009-03-17) charter:
Q1: I can't find any support for PINs in the spec. Does this mean that user-based authentication and signature keys are out of scope? Q2: TPMs support attested key-pair generation. Where in the spec. is this addressed? Q3: Does the enterprise scope mean that KMIP is unsuitable for consumers? Q4: Key-provisioning for unregistered end-user devices cannot be through APIs only; there must be a user-acknowledge part as well. Or is the intention that end-users and devices are already authenticated to Active Directory or similar before KMIP can begin its operation? Q5: Related to Q4: Is KMIP supposed to be able to power future versions of Microsoft's Autonrollment system? Q6: What is the relation between KMIP and browser-invoked schemes like <keygen>, generateCRMFRequest (), and CertEnroll? thanks Anders Rundgren |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]