[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [kmip] Groups - Non Exportable and Sensitive Attributes Clarification uploaded
Anthony
I looked at the revisions you made to the proposal. For Sensitive you added the statement once set to True it cannot be set to False and similarly for Extractable you say once set to False then it cannot be set to True. This would mean once you make an object either sensitive or not extractable you can’t change it. Is this really what you were trying to achieve? What if someone wanted to change the sensitivity (or extractability) of an object – they won’t be able to use these attributes to do it. They would have reregister the object with a new UID and the desired attribute setting.
Also if you go this route of saying once sensitive or not extractable you can’t change it then what is the point of having the separate Always Sensitive and Not Extractable attributes? They would be redundant.
Judy
From: kmip@lists.oasis-open.org [mailto:kmip@lists.oasis-open.
org ] On Behalf Of Anthony Berglas
Sent: Tuesday, April 04, 2017 2:36 AM
To: kmip@lists.oasis-open.org
Subject: [kmip] Groups - Non Exportable and Sensitive Attributes Clarification uploaded
Submitter's message
While implementing these I discovered that my specification was not as clear as it should be wrt objects created on the server and clearing the flags. So I propose that this clarification be added.
-- Anthony Berglas
Document Name: Non Exportable and Sensitive Attributes Clarification
No description provided.
Download Latest Revision
Public Download Link
Submitter: Anthony Berglas
Group: OASIS Key Management Interoperability Protocol (KMIP) TC
Folder: Drafts
Date submitted: 2017-04-03 23:35:11
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]