[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: NIST SP800-57 Part 1 - Normative Reference
The spec (1.2 wd07) lists NIST SP800-57 Part 1 as a normative reference. What is the difference between a normative reference and a non-normative reference with respect to KMIP, and KMIP profiles? What is the purpose of normative references? For example, for a server that conforms with the asymmetric key lifecycle profile (v1.0 wd02), it is now MANDATORY that the server be non-compliant with NIST SP800-57 Part 1. Is this intended? Similarly, is it intended that a server that complies with SP 800-57 Part 1 be non-conformant with KMIP, or the KMIP asymmetric key lifecycle profile? I find it a little strange that it could be necessary to create NIST SP800-57 Part 1 profile variants of profiles like the AKLC profile when NIST SP800-57 Part 1 is already a normative reference. John ---------------------------------------------------------------------- John Leiseboer QuintessenceLabs Pty Ltd Chief technology Officer Suite 23, Physics Building #38 Phone: +61 7 5494 9291 (Qld) Science Road Phone: +61 2 6125 9498 (ACT) Australian National University Mobile: +61 409 487 510 Acton ACT 0200 Fax: +61 2 6125 7180 AUSTRALIA Email: JL@quintessencelabs.com www.quintessencelabs.com ----------------------------------------------------------------------
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]