[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [kmip] Groups - Proposal for Cryptographic Usage Mask Attribute uploaded
What is the call in information for today’s meeting?
James "Randall" Crossland, CISSP
NGMS Cyber CoE/IA CoP Lead
301 Voyager Way, Huntsville, AL 35806
Phone: 256.830.3565 Cell: 256.683.8239
Thanks for posting these slides. I’ve amended the agenda to add your name to this topic (along with Tim H) and you can present the proposal to the TC today.
I will make a couple of comments on the proposal now:
Traditionally more detailed usage information such as how to use an attribute like Cryptographic Usage Mask has been put in the KMIP Usage Guide vs the KMIP Spec itself. For example, take a look at section 3.26 of the KMIP 1.4 Usage Guide. This section provides more information on the intended use of the Cryptographic Usage Mask. So we can discuss on the call today whether to add the proposed table to the Spec or the Usage Guide.
As to the content of the table itself – some changes will be necessary since some of the descriptions are not quite accurate or only cover one (of two) potential uses – For example crlSign is not just that the key can be used to verify a CRL (the public key case), but it can also be applied to the private key used to sign the CRL. Content Commitment is used to prove non-repudiation (only the entity signing something is in possession of the private key) -- sure you verify a digital signature to prove this, but we will need to augment the description to differentiate it from Verify.
Sr. Consultant Product Security Architect
Dell EMC | Product Security Office
On Behalf Of Nitin Jain