[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [kmip] KMIP Spec v1.2 wd05: Multiple Cryptographic Parameters for a Single Key
On Tuesday, 2 July 2013 12:38 PM (AEST), Tim Hudson wrote: >On 2/07/2013 11:51 AM, John Leiseboer wrote: >> Another interpretation that we could apply is that multiple >> instances of the Attribute Object are permitted, but that >> fields SHALL not be repeated in each instance. > There simply is nothing within the specification to support that > interpretation. Could you locate some text to support that anywhere in > the specification? No, you misunderstand me. I am not saying there is anything in the specification that could be literally interpreted this way. In your response, you've edited out the bit where I said what the literal interpretation most likely would be. (And I'm sure that your interpretation matches that too given your response.) What I am asking, is if the TC should consider changing the specification to have this alternative interpretation. > If you can locate such text (which I haven't seen) then the text would > clash with the examples (which I know are however non-normative) in the > usage guide and with common sense usage too (see the example in the > usage guide). I think the only possible clash with Usage Guide examples would be with the key wrapping text in section 4.2. All the other examples in the Usage Guide that I can find, only show a single instance of the Cryptographic Parameters Attribute Object. > In addition, this whole area remains unchanged since the initial > contribution which went on to form KMIP 1.0. That doesn't mean it > shouldn't change, but absent a clearly demonstrated interoperability > issue we haven't made fundamental changes to KMIP other than addition of > functionality. Do we have test cases that exercise this functionality? We didn't in 1.0 or 1.1 as far as I'm aware. Even the 1.1 Key Wrap test cases did not specify keys with multiple Cryptographic Parameters instances (just to link back to the Usage Guide comments above). Perhaps we haven't seen interop issues because we simply haven't got test cases, or there aren't implementations that actually instantiate multiple Cryptographic Parameters Attribute Objects with different field values? The easiest way to not find interoperability issues, is to not test for them. John
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]