OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

kmip message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: comment on v1 symmetric key profile

Hello all,
   I noticed a shortcoming in the profile document for symmetric key support. The profile doc doesn't say the create function requires support for key length or modes (crypto parameters). Given some client implementations support multiple lengths and modes, this is a significant shortcoming for clients that would like to request server creation of keys.  This should be added to the v1 or later symmetric key profile. Preferably the v1 profile should be changed to add these two server requirements.
I can provide a redline of the document with this small profile document change if this proposal is agreeable.
It should be noted that the spec says that the server MUST create a Length attribute when a managed cryptographic object is created or registered. But the profile doesn't match up with that.  There may be a similar change needed related to the registration function support in the symmetric key profile supporting that operation.
Larry H

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]