OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

kmip message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [kmip] Groups - Group as a managed object(KMIP-GroupProposal-06302010.pdf) uploaded

Hi Krishna,

Thanks for putting together the proposal. I think it's very useful to be able to group managed objects into groups. At this point, I have the following questions:

1. Will a group have its own UUID?

2. Does the homogenous group only apply to symmetric keys or could you, for example, have a group of asymmetric keys? 

3. What are the requirements for a homogenous group? Can it consists of, for example, both AES and TDES keys? What about key size or key type restrictions? Can a group consists of both encryption and MAC keys?

4. What happens to a group member after a rekey or a destroy? I assume the new version of the key will not be automatically added to the group after a rekey.

5. How will the Cryptographic Usage Mask attribute of group members affect the group object? The usage mask defines the usage of a managed object and may conflict with the cursor pattern set for the group.

6. Does it even make sense to apply the Activate operation to a group?

7. This question is probably linked to the Access Control proposal. Assuming that several users have access to a group, who is able to add new members to a group? I assume the user who is able to add a managed object to a group must have access to the object and have the privilege to add the object to the group.

Thanks,
Indra 

-----Original Message-----
From: kyellepe@us.ibm.com [mailto:kyellepe@us.ibm.com] 
Sent: Wednesday, June 30, 2010 9:10 PM
To: kmip@lists.oasis-open.org
Subject: [kmip] Groups - Group as a managed object (KMIP-GroupProposal-06302010.pdf) uploaded

 Proposal to add Group as a managed object to v 1.1 of the specification.

 -- Krishna Yellepeddy

The document named Group as a managed object
(KMIP-GroupProposal-06302010.pdf) has been submitted by Krishna Yellepeddy
to the OASIS Key Management Interoperability Protocol (KMIP) TC document
repository.

Document Description:
Proposal for Group as a new managed object in KMIP

View Document Details:
http://www.oasis-open.org/committees/document.php?document_id=38504

Download Document:  
http://www.oasis-open.org/committees/download.php/38504/KMIP-GroupProposal-06302010.pdf


PLEASE NOTE:  If the above links do not work for you, your email application
may be breaking the link into two pieces.  You may be able to copy and paste
the entire link address into the address field of your web browser.

-OASIS Open Administration

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]