

Subject: RE: [kmip] Protocol Version Negotiation


Hi John,

Thanks for your comments.

The currently defined operation does what we discussed during the F2F. It allows client and server to identify a protocol version both support. When we first started working on the proposal, I made certain assumptions about the server. I had to remind myself that in KMIP we assume that servers are stateless. Calling the operation protocol version negotiation may be confusing; I am aware that we cannot mimic how TLS performs version negotiation. A KMIP server may not remember the agreed protocol version and may not be able to enforce usage of this version. At the end of the day, it is up to the client to determine which protocol version to use. For this reason, I am fine with changing our approach to simply allowing clients to query the protocol version the server supports. I have been thinking about two possible approaches. We could either return the list of supported protocol versions in the Query response or create a new Query Version operation that returns the supported versions in the response. This list can be returned in order of preference. (If we decide to go with the current approach, we may want to rename the operation to Query Version instead of Protocol Version Negotiation.)

Both the existing and new approach will achieve the same thing at the end. The client and server will be able to identify a protocol version that both support. The question is whether the server should determine which version to use (assuming the client decides to use the agreed protocol version) or whether we should simply leave it to the client.

Any comments/feedback would be greatly appreciated.

Regards,
Indra


-----Original Message-----
From: jl@quintessencelabs.com [mailto:jl@quintessencelabs.com] 
Sent: Wednesday, April 13, 2011 11:41 PM
To: kmip@lists.oasis-open.org
Subject: [kmip] Protocol Version Negotiation

John Leiseboer added the following comment to the Proposal for Protocol Version Negotiation.docx document in the OASIS Key Management Interoperability Protocol (KMIP) TC Group.

TLS is a session-based protocol, therefore negotiated session parameters, including protocol version, make sense. Does it make sense to support a protocol version negotiation for KMIP, which is a connectionless protocol?

Wouldn't it be more useful, and consistent, if KMIP provided some means of querying for supported protocol versions rather than negotiating them? Rather than the server returning a single protocol version that it determines as suitable, wouldn't it be more sensible to return all versions that it supports? (It could return the supported versions as a list in preferred order.)

View Document Details and Comments:
http://www.oasis-open.org/apps/org/workgroup/kmip/document.php?document_id=41830

Download Document:  
http://www.oasis-open.org/apps/org/workgroup/kmip/download.php/41830/Proposal%20for%20Protocol%20Version%20Negotiation.docx

PLEASE NOTE:  If the above links do not work for you, your email application
may be breaking the link into two pieces.  You may be able to copy and paste
the entire link address into the address field of your web browser.

- Administration
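
The two approaches weighed in this thread, side by side, as an added example that is not part of either message or of the KMIP proposal. All function, class and field names are hypothetical, the server's selection rule and the client-side minimum-version floor are assumptions, and the version lists are constructed samples.

```python
from typing import Iterable, Optional, Sequence, Tuple

Version = Tuple[int, int]  # (major, minor); tuples compare in version order


def server_selects(client_offer: Iterable[Version],
                   server_pref: Sequence[Version]) -> Optional[Version]:
    """Negotiation style: the server answers with the single version it picks.
    Assumed rule: first entry of the server's preference list the client offered."""
    offered = set(client_offer)
    return next((v for v in server_pref if v in offered), None)


def client_selects(server_pref: Sequence[Version],
                   client_supported: Iterable[Version],
                   floor: Version) -> Optional[Version]:
    """Query style: the server returns every supported version in preferred
    order; the client takes the first one it implements that meets its floor."""
    mine = set(client_supported)
    return next((v for v in server_pref if v in mine and v >= floor), None)


class StatelessClient:
    """The server keeps no record of the choice, so the client stamps the
    version on every request it builds (simplified, hypothetical header)."""

    def __init__(self, version: Version):
        self.version = version

    def request(self, operation: str) -> dict:
        major, minor = self.version
        return {"protocol_version": {"major": major, "minor": minor},
                "operation": operation}


if __name__ == "__main__":
    server = [(1, 1), (1, 0)]          # constructed sample, preferred first
    client = [(1, 0), (1, 1)]
    print(server_selects(client, server))             # server decides
    chosen = client_selects(server, client, floor=(1, 0))
    print(chosen, StatelessClient(chosen).request("Get"))
    print(client_selects([(1, 0)], client, floor=(1, 1)))  # below floor
```

Both functions land on the same mutually supported version for the same inputs; the difference is that in the query style the client can refuse a list that offers nothing at or above its floor.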

