OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

oasis-charter-discuss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Proposed Charter for PKCS 11 TC

OASIS Members:

A draft TC charter has been submitted to establish the OASIS PKCS 11 Technical Committee. In accordance with the OASIS TC Process Policy section 2.2: (https://www.oasis-open.org/policies-guidelines/tc-process#formation) the proposed charter is hereby submitted for comment. The comment period shall remain open until 11:59 pm ET on 03 January 2013.

OASIS maintains a mailing list for the purpose of submitting comments on proposed charters. Any OASIS member may post to this list by sending email to: oasis-charter-discuss@lists.oasis-open.org. All messages will be publicly archived at: http://lists.oasis-open.org/archives/oasis-charter-discuss/. Members who wish to receive emails must join the group by selecting "join group" on the group home page: http://www.oasis-open.org/apps/org/workgroup/oasis-charter-discuss/. Employees of organizational members do not require primary representative approval to subscribe to the oasis-charter-discuss e-mail.

A telephone conference will be held among the Convener, the OASIS TC Administrator, and those proposers who wish to attend within four days of the close of the comment period. The announcement and call-in information will be noted on the OASIS Charter Discuss Group Calendar.

We encourage member comment and ask that you note the name of the proposed TC (PKCS 11) in the subject line of your email message.

--- TC Charter 

(1) TC Charter

(1)(a) Name of the TC

OASIS PKCS 11 Technical Committee

(1)(b) Statement of Purpose

The purpose of the PKCS 11 Technical Committee is the on-going enhancement and maintenance of the PKCS #11 standard, widely used across the industry as a core specification for cryptographic services. The PKCS #11 standard, originally developed under the leadership of RSA Laboratories, specifies an API, called Cryptoki, for devices which hold cryptographic information and perform cryptographic functions. The API follows a simple object-based approach, addressing the goals of technology independence (any kind of device) and resource sharing (multiple applications accessing multiple devices), presenting to applications a common, logical view of the device called a cryptographic token.

(1)(c) Scope of Work

The committee will address requirements for enhancements to and maintenance of the PKCS #11 standard as an API for devices that may hold cryptographic information and may perform cryptographic functions. These requirements include such areas as new mechanisms for instrumentation of the PKCS #11 application programming interface. Other areas of in-scope activity for the committee include the specification of new PKCS #11 functionality in support of integration with other standards, particularly OASIS Key Management Interoperability Protocol (KMIP). The committee will also engage in activities that support effective and interoperable implementation of PKCS #11, including such activities as developing guidance on the use of PKCS #11, supporting interoperability testing and coordination of reference implementations.

(1)(d) List of Deliverables

The initial goal of the OASIS PKCS 11 Technical Committee is to finalize the current draft work on V2.30 of the PKCS #11 Specification, based on the contributions listed in (2)(h)", within 12 to 18 months of the first meeting. Inclusion of additional mechanisms and other enhancements will also be considered for this release, to the extent that they can be accommodated within a reasonable time-frame. The deliverable for this initial work is the following:

- PKCS #11 Specification. This provides the normative expression of the application programming interface, including objects, attributes, operations, mechanisms and other elements. The specification may be created as a single document or (as is the case with the current draft) or in multiple parts to facilitate ease-of-use of the standard.

The PKCS #11 Specification will be the primary on-going deliverable of the TC. However, as part of its continuing work, the PKCS 11 TC will also support activities to encourage adoption of the PKCS #11 standard. These activities and related deliverables are anticipated to include:

- Development of PKCS #11 Test Cases documentation, describing test scenarios and implementation details for purposes of validating PKCS #11 functionality and verifying interoperability across PKCS #11 implementations.

- Development of PKCS #11 Profiles documentation, containing profiles that enable PKCS #11 implementations to claim conformance to specific sets of PKCS #11 functionality.

- Development of PKCS #11 Usage Guide documentation, providing guidance on the use of PKCS #11 functionality

- Development of PKCS #11 Errata documentation, if and as needed.

- Definition of integration mechanism for use of PKCS #11 with other standards, such as OASIS KMIP.

- Coordination of functional testing validating PKCS #11 functionality

- Coordination of interoperability testing across PKCS #11 implementations as interoperability sessions to test effectiveness of the specification

-  Coordination of efforts to develop reference implementations of PKCS #11

(1)(e) IPR Mode

The PKCS 11 TC is anticipated to operate under RF on RAND mode of the OASIS IPR Policy [https://www.oasis-open.org/policies-guidelines/ipr#s10.2.2].

(1)(f) Anticipated Audience or Users

PKCS #11 is intended for architects, designers and implementers of providers and consumers of cryptographic services.

(1)(g) Language

Work group business and proceedings will be conducted in English.

(2) Non-Normative Information Regarding TC

(2)(a) Similar or Applicable Work

PKCS #11 is one of the family of standards called Public-Key Cryptography Standards (PKCS), originally developed under the leadership of and published by RSA Laboratories. Minimal further development is anticipated at this time for the other standards within the PKCS family, some of which remain under RSA leadership and others of which have been transferred to IETF. The PKCS 11 Technical Committee will maintain TC Liaison relationships with both RSA and IETF with respect to the other standards in the PKCS family, to the extent that there is relevant activity in those organizations regarding these other standards.

Activity in support of cryptographic standardization is also going on in a number of other venues, including other OASIS committees such the Key Management Interoperability Protocol (KMIP) Technical Committee, other standards organizations such as IETF KeyProv, and under vendor sponsorship such as the Microsoft MS-CAPI standard. The PKCS 11 Technical Committee will seek to align its technical activities and deliverables with these other standardization initiatives in order to support harmonized vocabularies, avoid unnecessary duplication of effort, and promote interoperability and integration with respect to cryptographic objects and operations. Where deemed appropriate, the OASIS PKCS 11 Technical Committee will establish formal TC Liaison relationships with other organizations working on related standards.

(2)(b) Date, Time, and Location of First Meeting

The first meeting will be held in person on Monday, 4 March 2013, at 9:00 AM Pacific Standard Time. It will be hosted by EMC/RSA in the San Francisco area. Conference calling facilities will be provided for those who cannot attend in person.

(2)(c) Ongoing Meeting Plans and Sponsors

The TC expects to meet bi-weekly by conference call. Sponsorship is to be determined at the first meeting.

(2)(d) Proposers of the TC

1.      Tim Hudson, tjh@cryptsoft.com, Cryptsoft

2.      Tony Cox, tjc@cryptsoft.com, Cryptsoft

3.      Robert W. Griffin, robert.griffin@rsa.com, EMC.

4.      Valerie Fenwick, valerie.fenwick@oracle.com, Oracle.

5.      Michael Stevens, ms@quintessencelabs.com, Quintessence Labs

6.      Ajai Puri, ajai.puri@safenet-inc.com, SafeNet.

7.      Robert Lockhart, robert.lockhart@thales-esecurity.com, Thales.

8.      Peter Gutmann, pgut001@cs.auckland.ac.nz , University of Auckland

(2)(e) Statements of Support

1. Tim Hudson, tjh@cryptsoft.com, Cryptsoft. "As Cryptsoft’s primary representative to OASIS, I approve the PKCS 11 TC charter and endorse all Cryptsoft proposers listed in (2)(d)."

2. Robert Philpott, robert.philpott@rsa.com, EMC. "As EMC’s primary representative to OASIS, I approve the PKCS 11 TC charter and endorse all EMC proposers listed in (2)(d)."

3. Martin Chapman, martin.chapman@oracle.com, Oracle. "As Oracle’s primary representative to OASIS, I approve the PKCS 11 TC charter and endorse all Oracle proposers listed in (2)(d)."

4. John Leiseboer, jl@quintessencelabs.com, Quintessence Labs. "As Quintessence Labs’s primary representative to OASIS, I approve the PKCS 11 TC charter and endorse all Quintessence Labs proposers listed in (2)(d)."

5. Bill Becker, bill.becker@safenet-inc.com, SafeNet. "As SafeNet’s primary representative to OASIS, I approve the PKCS 11 TC charter and endorse all SafeNet proposers listed in (2)(d)."

6. Darren Learmonth, darren.learmonth@thales-esecurity.com, Thales. "As Thales’ primary representative to OASIS, I approve the PKCS 11 TC charter and endorse all Thales proposers listed in (2)(d)."

(2)(f) TC Convener

Robert Griffin, robert.griffin@rsa.com, EMC will be the convener.

(2)(g) Member Section Affiliation

The PKCS 11 TC will request affiliation with the IDtrust Member Section.

(2)(h) Initial Contributions

EMC will contribute “PKCS #11 Specification V2.30)" consisting of the following four documents:

-         PKCS #11 V2.30 Specification Front Matter  [1]
-         PKCS #11 V2.30 Core Specification [2]
-         PKCS #11 V2.30 Mechanisms Part 1 [3]
-         PKCS #11 V2.30 Mechanisms Part 2 [4]

(2)(i) FAQ Document

An initial “PKCS 11 TC FAQ” document is under development.

(2)(j) Work Product Titles

The PKCS 11 Technical Committee anticipates four work products with the following draft titles:
PKCS #11 Specification (this may consist of multiple documents, each comprising part of the complete specification)

PKCS #11 Test Cases

PKCS #11 Profiles

PKCS #11 Usage Guide


[1] PKCS #11 Version 2.30: Cryptographic Token Interface Standard: Front Matter (draft), April 2009.


[2] PKCS #11 Version 2.30: Cryptographic Token Interface Standard: Core Specification (draft), April 2009.


[3] PKCS #11 Version 2.30: Cryptographic Token Interface Standard: Mechanisms Part 1 (draft), April 2009.


[4] PKCS #11 Version 2.30: Cryptographic Token Interface Standard: Mechanisms Part 2 (draft), April 2009.


Chet Ensign
Director of Standards Development and TC Administration 
OASIS: Advancing open standards for the information society

Primary: +1 973-996-2298
Mobile: +1 201-341-1393

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]