[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: A serious reference issue
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings! I must apologize to the TC and your editor. To the TC for missing this issue during my initial review of the KMIP drafts. To your editor because I promised a worked example to illustrate another issue and due to this error, I won't be able to keep that promise. It would require too much fixing to be feasible. To the issue: Take: KMIP Tape Library Profile Version 1.0, http://docs.oasis-open.org/kmip/kmip-tape-lib-profile/v1.0/csprd01/kmip-tape-lib-profile-v1.0-csprd01.html for example. ***** 2.2 Baseline Tape Library KMIP clients conformant to this profile under [KMIP-SPEC]: 1. SHALL conform to the KMIP Baseline Client profile in [KMIP-PROF] and [KMIP-SPEC] ***** Everyone uses different abbreviations/keys so I simply missed that [KMIP-PROF] and [KMIP-SPEC] expand to (respectively) *****Expansion of [KMIP-PROF] and [KMIP-SPEC]***** KMIP Baseline Client profile - KMIP-SPEC-1_0 KMIP Baseline Client profile - KMIP-SPEC-1_1 KMIP Baseline Client profile - KMIP-SPEC-1_2 + KMIP Baseline Client profile - KMIP-PROF-1_0 KMIP Baseline Client profile - KMIP-PROF-1_1 KMIP Baseline Client profile - KMIP-PROF-1_2 *****/end Expansion of [KMIP-PROF] and [KMIP-SPEC]/*** OK, so I started checking each of those six documents for the "KMIP Baseline Client profile...." MAJOR ISSUE: There is no "KMIP Baseline Client profile" in the following documents: KMIP Baseline Client profile - KMIP-SPEC-1_0 KMIP Baseline Client profile - KMIP-SPEC-1_1 KMIP Baseline Client profile - KMIP-SPEC-1_2 In case you are wondering, there is no "KMIP Baseline Client profile" in any of these documents: KMIP Baseline Client profile - KMIP-PROF-1_0 KMIP Baseline Client profile - KMIP-PROF-1_2 ********** Of the original six (6) documents, only KMIP Baseline Client profile - KMIP-PROF-1_1, reports: ***** 4.22 4.22 Basic Baseline Client KMIP Profile ***** Reading: ***** A profile that consists of the tuple {Baseline Client Conformance Clause, Basic Authentication Suite} ***** And if you chase the references Baseline Client Conformance Clause, it points to: Key Management Interoperability Protocol Specification Version 1.1. 21 September 2012. Candidate OASIS Standard 01. http://docs.oasis-open.org/kmip/spec/v1.1/cos01/kmip-spec-v1.1-cos01.html. a candidate OASIS standard. One part of the difficulty is that you have cited six documents where only one was an arguably correct reference. Another part is that it appears you were trying to profile these various versions collectively, with more attention to the test cases than the prose. I'm not saying such a profile isn't possible but as written, your editor is right, the test cases, are the organizational principle of these documents. That's unfortunate because the test cases only test a limited number of cases permitted under the prose, at least insofar as I can determine what the prose is meant to say. I will refrain from offering a solution at this point because the TC will need to satisfy itself as to the facts of this issue and how it wishes to proceed in terms of addressing this concern, should it find it is well founded. Hope everyone is having a great week! Patrick PS: The collective nature of the [KMIP-PROF] and [KMIP-SPEC] citations means that all citations of [KMIP-PROF] and [KMIP-SPEC] need to be checked and the correct citations inserted. (Or updated, etc. as the case may be.) While true that some people will rely solely on the test cases, there are people who rely upon standards as written and for such important work as this, in these security conscious times, other people will be checking your work very closely. Just my opinion but I would want to remove every known basis for criticism before I released such an important document to the public. - -- Patrick Durusau patrick@durusau.net Technical Advisory Board, OASIS (TAB) Co-Chair, OpenDocument Format TC (OASIS) Editor, OpenDocument Format TC, Project Editor ISO/IEC 26300 Former Chair, V1 - US TAG to JTC 1/SC 34 Convener, JTC 1/SC 34/WG 3 (Topic Maps) Co-Editor, ISO 13250-5 (Topic Maps) Another Word For It (blog): http://tm.durusau.net Homepage: http://www.durusau.net Twitter: patrickDurusau -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJTMIjsAAoJEAudyeI2QFGofdMQANJnK53en6YcszE9T1i/gbpf tDg9zo5/Nz2b1YFhE8XAI/HZjRsyUnqgk/uzT0FgbAIQ1kRqQRP6nDOf3z+NlhLi UObacrvhjAoJv5fAIBX8sBpXH1oC5C/Zz2eDaYISF5jQK7eZc1JQxxINeIHgMCjK SBwyrQWduMlBSHNPLSPOIze72Mi7TKvBZX4gm1iKpzXG0ltQ0MOSk2V37Iu48Kt2 OI4JhVz31t4ldcrrvgf3JSijziLJERqa2fI9QjML2tK9ksoj1O3J57/QSx7ypgbY U0yp4xZmCzF0okLAkxoOToNYlxZy15igIU5o9drRgwwlzx3i6N3OH20iwJsta+PM CkD7/4U1TGifXUqxwJis+OsoLedJ/l9maEerykX+VXaTNvOmFr+c3x+s9h4i3UVI 51JM8yhy7PoSIjoLzXzTL6uTXQZODKaxdUXiEVcc3bua8xZKyp5rSGW5mIO2CJxG CBc0uICSuLQjaA34NBdNVfmy0f9OKH43pgdMtsEjT4e2DOtixlN6yGuJgikYw2s/ e6NIH9CBQQ5FdioH6diFZoTmSHKPml4tBw7HdpTQOT5tJHpq5roQ0LuiPavMe4MI NWW5OWGyrkxqcoWWi/1MWy6jFfqIfuWFHubeDbh/nIwpro0s9D+Fd7uSfGBk4aFv jHZpw7s0pxzJDp7AMO6k =MSxQ -----END PGP SIGNATURE-----
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]