OASIS Mailing List Archives
ws-sx message



Subject: New Issue: Clarification of policy usage for derived keys in SC



PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSION THREAD UNTIL THE ISSUE IS ASSIGNED A NUMBER.
The issues coordinators will notify the list when that has occurred.
Protocol: ws-securitypolicy,  ws-secureconversation
http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/21362/ws-secureconversation-1.3-spec-cs-01.pdf
http://www.oasis-open.org/apps/org/workgroup/ws-sx/download.php/23821/ws-securitypolicy-1.2-spec-cs.pdf
Artifact: spec
Type: editorial
Title: Clarification of policy usage for derived keys in SC
Description:
Section 7 (Deriving Keys) in WS-SecureConversation refers to policy assertions for label and length of derived keys that do not exist in WS-SP 1.2:

Lines 780ff: "Labels are processed as UTF-8 encoded octets. If either isn't specified in the policy, then a default value of "WS-SecureConversation" (represented as UTF-8 octets) is used."

Lines 892ff: "If additional information is not specified (such as explicit elements or policy), then the following defaults apply: The offset is 0 / The length is 32 bytes (256 bits)"

Related issues:
none
Proposed Resolution:
Option 1: Remove references to policy in the text as follows:
Lines 780ff: "Labels are processed as UTF-8 encoded octets. If additional information is not specified as explicit elements, then a default value of "WS-SecureConversation" (represented as UTF-8 octets) is used."

Lines 892ff: "If additional information is not specified as explicit elements, then the following defaults apply:"
Option 2: Explicitly refer to custom / non-standard policy assertions
Option 3: Add policy assertions for label and length (e.g. as new attributes/elements to the Derived Keys Property) to SP
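
The following is an added example, not part of the original message or of the specification text: it resolves label, offset and length from explicit `wsc:DerivedKeyToken` elements only (the reading Option 1 proposes), falls back to the quoted defaults, and derives the key. Assumptions not stated on this page: the derivation is P_SHA-1 as defined in RFC 2246 over label + nonce, the default label is the two parties' default labels concatenated, the 200512 namespace URI, and an explicit `wsc:Nonce`; `wsc:Generation` is not handled, and all sample inputs are constructed.

```python
import base64, hashlib, hmac
import xml.etree.ElementTree as ET

WSC = "{http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512}"
DEFAULT_LABEL = "WS-SecureConversation"   # per-party default (quoted lines 780ff)
DEFAULT_OFFSET, DEFAULT_LENGTH = 0, 32    # bytes (quoted lines 892ff)

def p_sha1(secret, seed, nbytes):
    """P_SHA-1 byte stream (RFC 2246 section 5): HMAC-SHA1 chained over A(i)."""
    out, a = b"", seed
    while len(out) < nbytes:
        a = hmac.new(secret, a, hashlib.sha1).digest()            # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha1).digest()  # HMAC(A(i) + seed)
    return out[:nbytes]

def resolve_params(dkt_xml):
    """Resolve derivation inputs from explicit elements only, else defaults."""
    dkt = ET.fromstring(dkt_xml)
    def text(name):
        el = dkt.find(WSC + name)
        return el.text.strip() if el is not None and el.text else None
    nonce = text("Nonce")
    if nonce is None:
        raise ValueError("this example needs an explicit wsc:Nonce")
    params = {
        # Assumption: with no explicit Label, both parties' defaults are concatenated.
        "label": text("Label") or DEFAULT_LABEL + DEFAULT_LABEL,
        "offset": int(text("Offset") or DEFAULT_OFFSET),
        "length": int(text("Length") or DEFAULT_LENGTH),
        "nonce": base64.b64decode(nonce),
    }
    if params["offset"] < 0 or params["length"] <= 0:
        raise ValueError("Offset must be >= 0 and Length > 0")
    return params

def derive_key(secret, dkt_xml):
    p = resolve_params(dkt_xml)
    seed = p["label"].encode("utf-8") + p["nonce"]   # labels are UTF-8 octets
    return p_sha1(secret, seed, p["offset"] + p["length"])[p["offset"]:]

# Constructed sample inputs (not from the page).
SECRET = bytes(range(16))
NONCE = base64.b64encode(b"constructed-nonce").decode()
def dkt(extra=""):
    return (f'<wsc:DerivedKeyToken xmlns:wsc="{WSC[1:-1]}">{extra}'
            f"<wsc:Nonce>{NONCE}</wsc:Nonce></wsc:DerivedKeyToken>")
MINIMAL = dkt()
EXPLICIT = dkt("<wsc:Offset>0</wsc:Offset><wsc:Length>32</wsc:Length>"
               "<wsc:Label>WS-SecureConversationWS-SecureConversation</wsc:Label>")
SHIFTED = dkt("<wsc:Offset>16</wsc:Offset><wsc:Length>16</wsc:Length>")
```

A token that omits the optional elements and one that spells out the defaults explicitly yield the same key, so two implementations that disagree on where defaults come from (policy versus explicit elements) would only diverge when a non-default value is carried out of band.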


