OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

kmip message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [kmip] Groups - Attestation_Proposal_v0.5.docx uploaded


Hi Kiran,

I don't have a problem with adding support for Geotags, but the NIST doc you refer to is a proof of concept draft (something I'm actually not familiar with at NIST). The TCG, TPM and SAML attestation types have standards that describe how to construct the particular object, and the objects contain identifying information to distinguish between versions. Is there something similar for Geotags?

Kelley

On Apr 22, 2013, at 5:34 PM, Kiran Kumar Thota wrote:

Thanks Kelley. This draft looks good.

For the cloud scenarios, we had discussed about adding a GeoTag capability in KMIP. The attestation credential proposal you have presented seems a great opportunity to add geotag support.

In a scenario, where only few locations are authorized to perform certain key operations, geotags are an effective way to address this.
In my mind, the simplest way to address it from the KMIP spec standpoint would be to
  Add Geotag Credential type to Attestation Type enumeration

Leave the implementation specifics just like we do for TCG, TPM and SAML to the client and server implementations.

http://csrc.nist.gov/publications/drafts/ir7904/draft_nistir_7904.pdf discusses an end-to-end scenario for usage of geotags.

Thanks,
Kiran




From: "Kelley Burgin" <kwburgi@tycho.ncsc.mil>
To: kmip@lists.oasis-open.org
Sent: Monday, April 15, 2013 6:51:28 AM
Subject: [kmip] Groups - Attestation_Proposal_v0.5.docx uploaded

Submitter's message
Addresses Bruce's comments.
-- Mr. Kelley Burgin
Document Name: Attestation_Proposal_v0.5.docx

Description
Updated Attestation Proposal to address Bruce's comment to allow the server
to indicate which Attestation Types it will accept. Includes a new Query
Function and capability for the server to pass a list of acceptable
Attestation Types in the header of an "Attestation Required" error message.
Download Latest Revision
Public Download Link

Submitter: Mr. Kelley Burgin
Group: OASIS Key Management Interoperability Protocol (KMIP) TC
Folder: Drafts
Date submitted: 2013-04-15 06:51:20





[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]