OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Modified: PKCS11 Face-to-Face


Event Title: PKCS11 Face-to-Face

Date: Friday, 26 February 2016, 08:30am to 05:00pm PST
Location: Castro Street, Mountain View, CA
Description

DRAFT AGENDA - Send Bob R and Valerie additional topics (including time needed)

all times PT


8:30AM->9:00AM Arrive, checkin on site

9:00AM -> 9:15AM Introductions

9:15AM->9:30AM Burt Kaliski, PKCS 25th Anniversary

9:30->9:45AM Update on PKCS#11 2.40 Errata, next steps

9:45->10AM Break

10:00-> 11:30AM PKCS#11 2.41

  • New algorithms: SHA3, ChaCha, Poly
  • AES GCM IV - Can we abuse the parameter field?
  • Error code improvements (from Darren M)
  • EncryptCancel(), DigestCancel() ... which stops operation and cleans context. Now we have to simulate it with some kind of failure.
  • Extending C_GenerateRandom to specify RNG quality
  • Adding C_RenameToken, C_ChangeLabel, and/or C_ClearToken
  • CKA_UUID (or similar unique identifier attribute for objects). Right now, PKCS#11 objects can be hard to map into other protocols/keystore/databases (esp. KMIP) because there is no standard way to associate anything resembling a unique primary key with objects.
  • Others?

11:30 -> 11:45 Letter to CMVP/NIST

11:45->1PM Lunch

1PM -> 1:30PM Graham S.: Associating Attributes to Wrapped Keys

1:30PM -> 2:30 Bob R.: AEAD (Wan-Teh's 3.0 work)

2:30 -> 2:45 PM Break

2:45 -> 3:00 Interop update

Motion to participate in 2017 Interop at RSA Feb 2017.

3:00 -> 4:30 PKCS#11 3.00 topics (please let Valerie/Bob know)

  • Application/library context - C_Inititlize returns context and C_Finalize cleans only the sessions, objects and other related to the context or all library if context is not passed. Now we cannot calls C_Finalize in shared libraries (may just be an OS issue).
  • Adding multiple user support to C_Login to also take a user name
  • and call back mechanism
  • Forking: Remove fork behaviour from standard, perfectly acceptable to work in the child.
  • Map KMIP attributes to PKCS#11 object lifecycle attributes and enforcement. This includes new (different) error codes for attempts to use objects before/after it's valid to use them for the desired purpose. (example: should C_Encrypt() fail if the key passed is beyond its Protect Stop Date?)


4:30 -> 5:00 Set next meeting date , adjourn


This meeting counts towards voter eligibility.

Owner: Valerie Fenwick
Group: OASIS PKCS 11 TC
Sharing: This event is shared with the OASIS Open (General Membership), and General Public groups. Public Event Link

Microsoft Outlook users: You will see event notifications requiring further action in your Outlook mail application.
Non-Outlook users: We still recommend subscribing to a Group or organization-wide calendar to keep your calendar updated.

  • Learn more about subscribing here.
  • View the updated Group web calendar here.

Attachment: ical_42353.ics
Description: application/ics

BEGIN:VCALENDAR
CALSCALE:GREGORIAN
METHOD:REQUEST
VERSION:2.0
PRODID:-//Kavi Corporation//NONSGML Kavi Groups//EN
X-MS-OLK-FORCEINSPECTOROPEN:TRUE
BEGIN:VTIMEZONE
TZID:America/Los_Angeles
BEGIN:STANDARD
DTSTART:20001029T020000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T090000Z
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T020000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T020000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T100000Z
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T020000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
STATUS:CONFIRMED
TRANSP:OPAQUE
DTSTAMP:20160226T011754Z
DTSTART;VALUE=DATE-TIME;TZID=America/Los_Angeles:20160226T083000
DTEND;VALUE=DATE-TIME;TZID=America/Los_Angeles:20160226T170000
SEQUENCE:3
SUMMARY:PKCS11 Face-to-Face
LOCATION:Castro Street, Mountain View, CA
LAST-MODIFIED:20160226T011754Z
ORGANIZER:workgroup_mailer@lists.oasis-open.org
DESCRIPTION:DRAFT AGENDA - Send Bob R and Valerie additional topics (inc
 luding time needed)\n\nall times PT\n\n\n8:30AM-&gt\;9:00AM 
 Arrive\, checkin on site\n\n9:00AM -&gt\; 9:15AM Introductio
 ns\n\n9:15AM-&gt\;9:30AM Burt Kaliski\, PKCS 25th Anniversar
 y\n\n9:30-&gt\;9:45AM Update on PKCS#11 2.40 Errata\, next s
 teps\n\n9:45-&gt\;10AM Break\n\n10:00-&gt\; 11:30AM PKCS#11 
 2.41\n\n\n	New algorithms: SHA3\, ChaCha\, Poly\n	AES GCM IV
  - Can we abuse the parameter field?\n	Error code improvemen
 ts (from Darren M)\n	EncryptCancel()\, DigestCancel() ... wh
 ich stops operation and cleans context. Now we have to simul
 ate it with some kind of failure.\n	Extending C_GenerateRand
 om to specify RNG quality\n	Adding C_RenameToken\, C_ChangeL
 abel\, and/or C_ClearToken\n	CKA_UUID (or similar unique ide
 ntifier attribute for objects). Right now\, PKCS#11 objects 
 can be hard to map into other protocols/keystore/databases (
 esp. KMIP) because there is no standard way to associate any
 thing resembling a unique primary key with objects.\n	Others
 ?\n\n\n11:30 -&gt\; 11:45 Letter to CMVP/NIST\n\n11:45-&gt\;
 1PM Lunch\n\n1PM -&gt\; 1:30PM Graham S.: Associating Attrib
 utes to Wrapped Keys\n\n1:30PM -&gt\; 2:30 Bob R.: AEAD (Wan
 -Teh&#39\;s 3.0 work)\n\n2:30 -&gt\; 2:45 PM Break\n\n2:45 -
 &gt\; 3:00 Interop update\n\nMotion to participate in 2017 I
 nterop at RSA Feb 2017.\n\n3:00 -&gt\; 4:30 PKCS#11 3.00 top
 ics (please let Valerie/Bob know)\n\n\n	Application/library 
 context - C_Inititlize returns context and C_Finalize cleans
  only the sessions\, objects and other related to the contex
 t or all library if context is not passed. Now we cannot cal
 ls C_Finalize in shared libraries (may just be an OS issue).
 \n	Adding multiple user support to C_Login to also take a us
 er name\n	and call back mechanism\n	Forking: Remove fork beh
 aviour from standard\, perfectly acceptable to work in the c
 hild.\n	Map KMIP attributes to PKCS#11 object lifecycle attr
 ibutes and enforcement. This includes new (different) error 
 codes for attempts to use objects before/after it&#39\;s val
 id to use them for the desired purpose. (example: should C_E
 ncrypt() fail if the key passed is beyond its Protect Stop D
 ate?)\n\n\n\n4:30 -&gt\; 5:00 Set next meeting date \, adjou
 rn\n\nGroup: OASIS PKCS 11 TC\nCreator: Valerie Fenwick
URL:https://www.oasis-open.org/apps/org/workgroup/pkcs11/event.php?event_id=42353
UID:https://www.oasis-open.org/apps/org/workgroup/pkcs11/event.php?event_id=42353
BEGIN:VALARM
ACTION:DISPLAY
DESCRIPTION:REMINDER
TRIGGER;RELATED=START:-PT00H15M00S
END:VALARM
END:VEVENT
END:VCALENDAR


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]