Re: [kmip] KMIP Spec v1.2 wd05: Multiple Cryptographic Parameters for a Single Key

[Tim Hudson <tjh@cryptsoft.com>]

On 4/07/2013 11:20 AM, John Leiseboer wrote:

On Thursday, 4 July 2013 10:33 AM, Tim Hudson wrote:

You raised this as a major security issue that absolutely must be dealt with

Once again you are exaggerating. Please show the list where I said that this was a “major security issue that absolutely must be dealt with”. Going through my emails, this is the essence of what I’ve said:

You need to go back through and review all the threads you have raised - and the common element in each of the issues you are bringing up is a "security" concern - using the word "security" each and every time. I didn't put that sentence in quotation marks deliberately - capturing the essence of your arguments across all of the issues and the multiple threads that lead to them. But your arguments on the list and on the calls follow that same repeated theme. My sense is that these all stem from a very different viewpoint on what you think KMIP should be covering - a viewpoint I have not as yet seen anyone else express as being within the scope of KMIP.

If you thought this was a minor issue then I assume you wouldn't be raising it.

It in no way means the points you are raising are without merit - in a different context - but I do think they are items outside the scope of KMIP and are conflicting with the consensus decisions to date of the TC. To change direction requires a new consensus. It would also have an impact on deployed vendor implementations.

Tim.