OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

kmip message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: NIST SP800-57 Part 1 - Normative Reference

The spec (1.2 wd07) lists NIST SP800-57 Part 1 as a normative reference. What is the difference between a normative reference and a non-normative reference with respect to KMIP, and KMIP profiles? What is the purpose of normative references? For example, for a server that conforms with the asymmetric key lifecycle profile (v1.0 wd02), it is now MANDATORY that the server be non-compliant with NIST SP800-57 Part 1. Is this intended? Similarly, is it intended that a server that complies with SP 800-57 Part 1 be non-conformant with KMIP, or the KMIP asymmetric key lifecycle profile?

I find it a little strange that it could be necessary to create NIST SP800-57 Part 1 profile variants of profiles like the AKLC profile when NIST SP800-57 Part 1 is already a normative reference.


John Leiseboer                          QuintessenceLabs Pty Ltd
Chief technology Officer                Suite 23, Physics Building #38
Phone:  +61 7 5494 9291 (Qld)           Science Road
Phone:  +61 2 6125 9498 (ACT)           Australian National University
Mobile: +61 409 487 510                 Acton ACT 0200
Fax:    +61 2 6125 7180                 AUSTRALIA
Email:  JL@quintessencelabs.com         www.quintessencelabs.com

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]