Re: [pkcs11] Groups - RNG_Proposal

Dieter,

Thanks for the draft. I tried to map it through what KMIP supports, and came up with a few questions, some of which may be items that still need to be hammered out between the two standards.

I didn't quite get the distinction between "Other than any specified below" and "Vendor defined RNG Algo". Are you thinking that the first is a well-defined standard that just isn't (yet) in the list, and the second is something proprietary? KMIP only has "Unspec" for things that aren't in the list (either RNG algorithm list or DRBG algorithm list).

I'm still scratching my head over the AIS31 items. Don't have a mapping in mind for those yet, so guess I need to do more than skim the references for them. I don't think KMIP really has anything for NTG-1, so that one probably is a KMIP 1.4 addition.

At some point down the road, it may be helpful to have committee notes that document the mappings between the two. Putting the mappings in each standard would be awkward from a process view, but something better than a sketch on a piece of paper would be helpful.

Bruce Rich

On Tue, Jun 7, 2016 at 2:19 AM, Dieter Bong <dieter.bong@utimaco.com> wrote:

Submitter's message
1st Draft of a proposal related to C_GenerateRandom, providing information about mode and algorithm/quality of the random number generator, and enabling to choose the RNG algorithm (if supported by the token).
-- Mr. Dieter Bong

Document Name: RNG_Proposal_Draft1.doc

No description provided.
Download Latest Revision
Public Download Link

Submitter: Mr. Dieter Bong
Group: OASIS PKCS 11 TC
Folder: Working Drafts
Date submitted: 2016-06-07 00:19:26

pkcs11 message