OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

kmip-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Issue with KMIP 1.1 Profiles document

The new asymmetric profiles all call out RAW as one of the REQUIRED key formats.  This may be a copy-and-paste carry-over from the symmetric profiles where those keys do in fact have a RAW format.  The PKCS1 format itself is so raw that you need the context or an attribute to tell you whether it's a public key or private, so asserting that one also needs to support asymmetric RAW format keys begs further definition.  Furthermore, the use cases document shows no testcase that demonstrates interop with RAW format for asymmetric keys, so it is doubtful that those companies that need to attest to their support of the profile can actually point to any evidence of said support for asymmetric RAW format.  To address this issue, I would suggest either that RAW format for asymmetric keys is defined (possibly in the protocol spec) and usage is illustrated in the use cases document, or that the RAW key format requirement is removed from the profiles document in sections 5.6.2, 5.7.2, 5.8.2, 5.9.2, 5.10.2, 5.16.2, 5.17.2, 5.18.2, 5.19.2, and 5.20.2.

Bruce A Rich
brich at-sign us dot ibm dot com

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]