[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [kmip] Groups - Proposal for change to conformance language inKMIP Profiles (kmip profiles conformance proposal 5sep11.pdf) modified
Hi john - I believe this was the case for query in v1.0. But we can certainly discuss in the call on thursday. Regards Bob ----- Original Message ----- From: John Leiseboer [mailto:jleiseboer@bigpond.com] Sent: Wednesday, September 07, 2011 12:30 AM To: Griffin, Robert; kmip@lists.oasis-open.org <kmip@lists.oasis-open.org> Subject: RE: [kmip] Groups - Proposal for change to conformance language in KMIP Profiles (kmip profiles conformance proposal 5sep11.pdf) modified From the proposal: "Enable Discover Version to be used without requiring channel confidentiality, channel authenticity and client and server authentication." What are the reasons for this proposal? What benefits are there in supporting an insecure message exchange between KMIP clients and servers? If the channel and server are not trusted, then how is it possible for the client to trust the response? If the response cannot be trusted, then what use is it? From implementation, security, and maintenance points of view, I'd rather not be required to introduce an insecure mode of operation in my server to comply with this proposal unless there are clear and compelling reasons and/or benefits for doing this. -- John ---------------------------------------------------------------- John Leiseboer QuintessenceLabs Pty Ltd Chief Technology Officer Suite 23, Physics Building #38 P: +61 7 5494 9291 Science Road F: +61 2 6125 7180 Australian National University M: +61 409 487 510 Acton, ACT 0200 Australia mailto:jl@quintessencelabs.com www.quintessencelabs.com ----------------------------------------------------------------
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]