OASIS Key Management Interoperability Protocol (KMIP) TC

 View Only

  • 1.  Mutating attributes

    Posted 08-06-2009 11:26 
    The only use case I have for this is to allow the server to allocate a
lower use limit than was requested.

However, I do not have any definite proof that this will be a problem in
practice, and I am not going to be able to gather that in a timely manner.

Therefore, in order to ensure we move forward and provided that we leave
space in the standard that will allow us to put this in in version 2 if
it turns out to be necessary - I am happy we drop mutation from version 1.

We can therefore close this issue.

Apologies for taking so long.

-- 
Marcus Streets
Security Standards Officer

THALES Information Systems Security
nCipher product line

------------------------------------------------------
T:  +44 (0) 1223 723613 (Direct)
F:  +44 (0) 1223 723601
E:  Marcus.Streets@thales-esecurity.com
W:  www.thalesgroup.com/iss


  • 2.  Re: [kmip] Mutating attributes

    Posted 08-13-2009 07:19 

    We seem to have reached consensus on
this topic. To be sure, I suggest to have a voice vote on the call tomorrow.
The proposal would be as follows:

    The descriptions of the Template-Attribute
returned in operation responses will be changed from:

    " A
list of attributes with values that the key management server chose differently
from those specified in the request (either explicitly or via template).
Only those attributes that were specified in the request and were set to
different values by the server are included here"

    to

    "A
list of attributes with values that the key management server has set implicitly
as a result of the operation. It is optional for the server to return such
a list."

    In addition, text will be changed so
that errors are returned instead of mutated attributes.

    Regards,
    -Robert



    Marcus Streets <Marcus.Streets@thales-esecurity.com>
wrote on 08/06/2009 01:26:00 PM:

    
> [image removed] 
    >
    
> [kmip] Mutating attributes
    >
    
> Marcus Streets 
    >
    
> to:
    >
    
> kmip@lists.oasis-open.org
    >
    
> 08/06/2009 01:26 PM
    >
    
>
    
> The only use case I have for this is to allow the server to allocate
a
    
> lower use limit than was requested.
    
>
    
> However, I do not have any definite proof that this will be a problem
in
    
> practice, and I am not going to be able to gather that in a timely
manner.
    
>
    
> Therefore, in order to ensure we move forward and provided that we
leave
    
> space in the standard that will allow us to put this in in version
2 if
    
> it turns out to be necessary - I am happy we drop mutation from version
1.
    
>
    
> We can therefore close this issue.
    
>
    
> Apologies for taking so long.
    
>
    
> --
    
> Marcus Streets
    
> Security Standards Officer
    
>
    
> THALES Information Systems Security
    
> nCipher product line
    
>
    
> ------------------------------------------------------
    
> T:  +44 (0) 1223 723613 (Direct)
    
> F:  +44 (0) 1223 723601
    
> E:  Marcus.Streets@thales-esecurity.com
    
> W:      www.thalesgroup.com/iss
    
>
    
> ---------------------------------------------------------------------
    
> To unsubscribe from this mail list, you must leave the OASIS TC that
    
> generates this mail.  Follow this link to all your TCs in OASIS
at:
    
>     https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
    
>


Related Content