Re: [pkcs11] header file contents

[Valerie Fenwick <valerie.fenwick@oracle.com>]

Hi Tim -

I appreciate your detailed attention to the process and know your
heart is always in the right place.

On 6/10/2015 8:17 PM, Tim Hudson wrote:
> What I was trying (clearly rather unsuccessfully) to figure on the call
> today was where we should be going to look for items to determine how to
> fill in the identified gaps are and that depends on what your view point
> is on what the definitive source (normative) text is when there is
> missing content.
>
> Other than the OASIS specification documents for v2.40 we have as source
> material the original v2.30 draft documents contributed by RSA/EMC in
> March 2013 *and *the v2.30 draft header files also contributed by
> RSA/EMC which Bob uploaded way back in June 2013 at
> https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/49510/latest/PKCS11_v2.40_header_files_wd01.zip

I believe that is a critical thing we forgot about when we met face-to-face
in April, what our starting point should be.

While we all have a copy of v2.20 of the header files, many of us in
our shipping projects - those were not, at this time, given to OASIS
for us to use.


> I've gone through all the items noted by Stef at
> https://wiki.oasis-open.org/pkcs11/Definitions and updated them having
> looked at each to see where the items first appeared in the various
> specification versions and/or header files and included notes on that
> information and a suggestion as to the path forward.

Thank you for doing that - I believe most (all?) of these will result
in changes to 2.41

> I've only processed the missing values in the last section to look for
> clashes and haven't updated those noting where they are defined in
> previous versions as yet (i.e. that information was only extracted for
> the list against each document not for the missing items list at the
> end).  Where items would qualify for an errata I've noted that for
> reference.
>
> I have also included the two items from Jaroslav Imrich that included a
> suggestion to include both the correct and incorrect names for two
> constants in the header files (added at the end).

Does that mean you went through his email to see what additional errors
he found beyond Stef's?

> It appears that none of the proposed header file versions (Stef, Oscar,
> Dina) were produced by working forward from the v2.30 header files for
> various reasons and for at least a few items we have directly clashing
> numeric values being proposed.

Where those conflicts occur, do the 2.40 documents pick a side?

> My assumptions going forward are:
> 1) where there is content missing from the specification that needs to
> go into the header files for actual use that any values defined already
> in the v2.30 header files Bob uploaded should be seen as the "correct"
> value to use

That seems reasonable, but I would like to discuss in the TC as that
may cause compatibility issues with software already deployed under 2.20
(yes, I know some folks did roll out with 2.30, but I could not guess
at the percentages)

> 2) if we find an issue with any of the v2.30 header file contents then
> we should step back to the v2.20 header files and resolve using those
> given that RSA did not publish a version of the v2.30 header files on
> the RSA web site back during the original v2.30 specification work

That sounds reasonable.

> 3) for the final header files where we have information that is not in
> the specification text then we need to update the specification text so
> that there is no clash of content for a subsequent version

That sounds like a very good idea.


> Our previous TC discussions were about getting out header files rapidly
> and also quickly getting out an v2.41 update that sorts out the issues
> identified with relatively minimal other changes.


Having the header files, even if they are not "official" content of
the TC, will hopefully help us to identify these gaps.

Thank you

Valerie

--
NOTE: Using voice recognition software, forgive typos/grammar mistakes!
Valerie Fenwick, http://bubbva.blogspot.com/ @bubbva
Solaris Cryptographic & Key Management Technologies, Manager
Oracle Corporation: 4180 Network Circle, Santa Clara, CA, 95054.