OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

kmip message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [kmip] Groups - Proposal for Cryptographic Usage Mask Attribute uploaded

The meaning of each cryptographic usage mask enumeration in terms of the impact on KMIP operations and server implementation requirements should be in the specification.
There should be both an expanded definition for Cryptographic Usage Mask and a reference in each operation where there are requirements implied on either clients or servers for such usage.

Tim.

On Fri, Jan 12, 2018 at 6:09 AM, Furlong, Judith <Judith.Furlong@dell.com> wrote:

Nitin,

 

Thanks for posting these slides.  I’ve amended the agenda to add your name to this topic (along with Tim H) and you can present the proposal to the TC today.

 

I will make a couple of comments on the proposal now:

 

Traditionally more detailed usage information such as how to use an attribute like Cryptographic Usage Mask has been put in the KMIP Usage Guide vs the KMIP Spec itself.  For example, take a look at section 3.26 of the KMIP 1.4 Usage Guide.  This section provides more information on the intended use of the Cryptographic Usage Mask.  So we can discuss on the call today whether to add the proposed table to the Spec or the Usage Guide.

 

As to the content of the table itself – some changes will be necessary since some of the descriptions are not quite accurate or only cover one (of two) potential uses – For example crlSign is not just that the key can be used to verify a CRL (the public key case), but it can also be applied to the private key used to sign the CRL.   Content Commitment is used to prove non-repudiation (only the entity signing something is in possession of the private key)  -- sure you verify a digital signature to prove this, but we will need to augment the description to differentiate it from Verify.

 

Judy

 

Judith Furlong

Sr. Consultant Product Security Architect

Dell EMC | Product Security Office

Office:  +1-508-249-1124

Judith.Furlong@dell.com

 

From: kmip@lists.oasis-open.org [mailto:kmip@lists.oasis-open.org] On Behalf Of Nitin Jain
Sent: Thursday, January 11, 2018 2:37 AM
To: kmip@lists.oasis-open.org
Subject: [kmip] Groups - Proposal for Cryptographic Usage Mask Attribute uploaded

 

Submitter's message
Currently in KMIP spec usage masks are not briefed clearly under Cryptographic Usage Mask attribute.
This Proposal will be helpful to understand the usage masks with example.

-- Mr. Nitin Jain

Document Name: Proposal for Cryptographic Usage Mask Attribute

Description
Currently in KMIP spec usage masks are not briefed clearly under
Cryptographic Usage Mask attribute.
This Proposal will be helpful to understand the usage masks with example.
Download Latest Revision
Public Download Link

Submitter: Mr. Nitin Jain
Group: OASIS Key Management Interoperability Protocol (KMIP) TC
Folder: Proposals
Date submitted: 2018-01-10 23:36:44

 


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]