OASIS Mailing List Archives

pkcs11 message



Subject: Modified: PKCS11 Face-to-Face


Event Title: PKCS11 Face-to-Face

Date: Friday, 26 February 2016, 08:30am to 05:00pm PST
Location: Castro Street, Mountain View, CA
Description

DRAFT AGENDA - Send Bob R and Valerie additional topics (including time needed)

all times PT


8:30AM->9:00AM Arrive, check in on site

9:00AM -> 9:15AM Introductions

9:15AM->9:30AM Burt Kaliski, PKCS 25th Anniversary

9:30->9:45AM Update on PKCS#11 2.40 Errata, next steps

9:45->10AM Break

10AM Update from KMIP liaison

10:15-> 11:30AM PKCS#11 2.41

  • New algorithms: SHA3, ChaCha, Poly
  • AES GCM IV - Can we abuse the parameter field?
  • NIST Key derivation function
  • Error code improvements (from Darren M)
  • EncryptCancel(), DigestCancel() ... which stops operation and cleans context. Now we have to simulate it with some kind of failure.
  • Extending C_GenerateRandom to specify RNG quality
  • Adding C_RenameToken, C_ChangeLabel, and/or C_ClearToken
  • CKA_UUID (or similar unique identifier attribute for objects). Right now, PKCS#11 objects can be hard to map into other protocols/keystore/databases (esp. KMIP) because there is no standard way to associate anything resembling a unique primary key with objects.
  • Others?

11:30 -> 11:45 Letter to CMVP/NIST

11:45->1PM Lunch

1PM -> 1:30PM Graham S.: Associating Attributes to Wrapped Keys

1:30PM -> 2:30 Bob R.: AEAD (Wan-Teh's 3.0 work)

2:30 -> 2:45 PM Break

2:45 -> 3:00 Interop update

Motion to participate in 2017 Interop at RSA Feb 2017.

3:00 -> 4:30 PKCS#11 3.00 topics (please let Valerie/Bob know)

  • Application/library context - C_Initialize returns context and C_Finalize cleans only the sessions, objects and other related to the context or all library if context is not passed. Now we cannot call C_Finalize in shared libraries (may just be an OS issue).
  • Adding multiple user support to C_Login to also take a user name
  • and call back mechanism
  • Forking: Remove fork behaviour from standard, perfectly acceptable to work in the child.
  • Map KMIP attributes to PKCS#11 object lifecycle attributes and enforcement. This includes new (different) error codes for attempts to use objects before/after it's valid to use them for the desired purpose. (example: should C_Encrypt() fail if the key passed is beyond its Protect Stop Date?)


4:30 -> 5:00 Set next meeting date, adjourn


This meeting counts towards voter eligibility.

Owner: Valerie Fenwick
Group: OASIS PKCS 11 TC
Sharing: This event is shared with the OASIS Open (General Membership), and General Public groups.

Attachment: ical_42353.ics
Description: application/ics
