OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

kmip message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Comments on kmip-1.0-spec-ed-0.98 from 7/29

Here are some comments on the kmip-1.0-spec-ed-0.98 from 7/29:

In 2.1.3, pointer from transparent keys should be to 2.1.7 not 2.1.6.

To aid the reader can we add pointers for the tables that say that the 
structure is an enumeration to the appropriate tables in Sec 9?

If Key Value (2.1.4) and Key Wrapping Data (2.1.5) are only ever part of 
Key Block should the sections be made subsections to 2.1.3?

Key Value (2.1.4) indicates that it is only ever used in Key Block 
(2.1.3).  Is this also true of Key Wrapping Data (2.1.5)?  If so could 
we add the same text to 2.1.5?

In 2.1.8, the reference in the name row is broken (it's to section 0).

In 2.2, a reference is broken (it's to section 0).

Sec 3.9 unclear what the last sentence in the 1st paragraph means. The 
certificate subject shouldn't change during a renewal.  Renewals involve 
keeping the same private key and extending the lifetime.

Sec 3.12, we should probably align with PKIX and specify that when 
encipherOnly or decipherOnly is set that keyEncipherment must also be set.

Sec 3.12, I would delete the paragraph between Table 56 and Table 57 to 
avoid any debate about setting the non-repudation/digital signature 
bits.  Some certificate policies have avoided all of it by setting the 
digital signature bit also provides non-repudiation services.

Sec 3.20, add that the mechanism to indicate that special permission has 
been granted is beyond the scope of the protocol.

Sec 3.22, it seems a bit harsh to force the compromise ocurrance date to 
be the entire usage period if you don't when the compromise occurred. 
It's supposed to be an approximate time so shouldn't we just delete the 
2nd sentence?

Sec 4.*, for requests that have no required objects should we add 
something that says at least one of the objects must be present?  It 
makes it clear that for an implementation to conform it can't issue and 
empty request/response.

Sec 4.*, I think we need to add some text that says something about the 
client only being able to use operations on the entries it 
owns/controls.  There's some language in the revocation, destroy, 
archive, and recover operations, but what a data mining operation where 
I just send locates operations for all the keys on the server and then 
issue a request to get all the keys for whatever IDs it got back.

Sec 4.7, revoking the certificate after re-certify is unnecessary in 
some cases.  This should be left to the certificate policy and not 
specified in the protocol.

Cheers,

spt

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]