[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [External] : [pkcs11] PKCS#11 FIPS Indicator proposal review
- Section 4.13.2: Definition of CKA_VALIDATION_LEVEL : an ULONG type fits well to specify a FIPS Level like 1,2, 3 or 4. It doesnât fit that well to specify a Common Criteria Evaluation Assurance Level which may be 4+ for example. A type CK_UTF8CHAR might fit better for CC, and for other certification schemes as well?
If this is intended as purely information for human consumption then a CK_UTF8CHAR makes sense.
However if an application is intended to make decisions based on this value the data should be structured otherwise we are delegating parsing of that field to the application and wrong decisions will be made. See the issues with apps not understanding that Python 3.10 came after 3.9 and thinking it was 3.1 instead.
-- Darren J Moffat
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]