OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [pkcs11] Groups - Ballot reminder: "Proposal for changes to DSA mechanism"

Repeating this here so people don't actually have to read through the rest:
If anyone other than Tim has a doubt, I'd recommend you take a quick look at the attached black line - you're voting with respect to those changes from the currently accepted document and only those changes. A NO vote leaves the -3 document in place unchanged with it's backwards compatibility problem. 



On 9/11/2013 1:03 PM, Tim Hudson wrote:
Just because fips186 elects to ha e restrictions does not mean we should wired those into the api where we haven't previously.
No one indicated that change was going in ... It was presented as just adjusting their refs and handling subprime backwards compatibility when not specified.
*sigh* This was addressed multiple times on multiple calls, or did you not hear me when I said that this section would need to be reconciled with Oscar's document? Not my problem. 



It does more than that.

The comment and view stands.

This was meant to be an addition to the previously accepted ballot.

Tim.



Let's see now.

First you voted for the document with the changes to the manifest.
Now you want to vote against them. (E.g. the manifest contents didn't change from the -3 document which you voted for to the -4 document). But voting against them will leave them intact on the -3 document. Hmm...
Then you voted for the document with the language for FIPS186-4 (oscar's document) 
Now you want to vote against text that is pretty much the same.

Seriously?  OK - moving on.
You've again misstated the case by stating the document "wired those into the API" referring to the FIPS186-4 language - the text doesn't actually say that. It says that a FIPS 186-4 compliant implementation won't use values other than those stated. It also leaves the old values intact in the standard for backwards compatibility. It ALSO leaves the original domain parameter generator intact as a FIPS 186-2 backwards compatible mechanism If you really have a problem with that particular text in that you don't think it says what I'm saying it says, then propose a change. That would more helpful than this approach. 

This is my last message on the topic.
To clarify things, I've attached a legal blackline (e.g. a MS word compare) between the previously passed pkcs11-fips-186-3 and the currently balloted pkcs11-fips-186-4. The marks are the ONLY changes between -3 and -4, and the bulk of them are fixing typos.
As Oscar previously noted, table 5 has a formatting error that will need to be corrected by the editor.
If anyone other than Tim has a doubt, I'd recommend you take a quick look at the attached black line - you're voting with respect to those changes from the currently accepted document and only those changes. A NO vote leaves the -3 document in place unchanged with it's backwards compatibility problem. 

Later, Mike

Attachment: pkcs11-dsa-186-3-to-4-blackline.docx
Description: application/vnd.openxmlformats-officedocument.wordprocessingml.document

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]