OASIS PKCS 11 TC

 View Only
  • 1.  Groups - pkcs11-profiles-v3.0-wd01.docx uploaded

    Posted 09-05-2018 08:30
    Submitter's message Incorporated known updates - adjusted base profile for new functions and attributes; added publicly readable certificate profile (renamed Public Certificates Token profile)

    Noted that the flag values for CKA_PROFILE_ID are not documented in the base specification (yet).

    Noted missing CKP_PUBLIC_CERTIFICATES_TOKEN flag value (for the additional profile). -- Tim Hudson Document Name : pkcs11-profiles-v3.0-wd01.docx No description provided. Download Latest Revision Public Download Link Submitter : Tim Hudson Group : OASIS PKCS 11 TC Folder : Working Drafts Date submitted : 2018-09-05 01:29:37


  • 2.  RE: [pkcs11] Groups - pkcs11-profiles-v3.0-wd01.docx uploaded

    Posted 09-05-2018 16:54
    Hi Tim,   thanks for providing the Profiles working draft. A quick review:   -           Note that CK_INTERFACES, CK_FUNCTION_LISTS, C_GetFunctionLists might change based on the discussion of my proposal. This also fixes the wrong section (see your comment on 3.3.2 no 4b) -           In 3.3.2 and 3.6.2, it is not necessary to add item 5 „ Supports the following objects “ since we already have item 3 with the same name. Thus, CKO_PROFILE can be added there. -           In 3.5.2 no 6, shall it actually have the value CKP_EXTENDED_PROVIDER instead of CKP_BASELINE_PROVIDER? If not, remove no 6 since it is inherited from the baseline provider. If yes, can it be integrated in or replace no 4? If not, it should be before no 4 so that both object items are close by. -           Since all profile specifications usually contain data types, objects, functions, and mechanisms (even if it just says „ none specified “ ) we should data types for authentication tokens and data types and functions for public certificates tokens just for consistency.   Thanks, Daniel   From: pkcs11@lists.oasis-open.org [mailto:pkcs11@lists.oasis-open.org] On Behalf Of Tim Hudson Sent: Mittwoch, 5. September 2018 10:30 To: pkcs11@lists.oasis-open.org Subject: [pkcs11] Groups - pkcs11-profiles-v3.0-wd01.docx uploaded   Submitter's message Incorporated known updates - adjusted base profile for new functions and attributes; added publicly readable certificate profile (renamed Public Certificates Token profile) Noted that the flag values for CKA_PROFILE_ID are not documented in the base specification (yet). Noted missing CKP_PUBLIC_CERTIFICATES_TOKEN flag value (for the additional profile). -- Tim Hudson Document Name : pkcs11-profiles-v3.0-wd01.docx No description provided. Download Latest Revision Public Download Link Submitter : Tim Hudson Group : OASIS PKCS 11 TC Folder : Working Drafts Date submitted : 2018-09-05 01:29:37   Utimaco IS GmbH Germanusstr. 4, D.52080 Aachen, Germany, Tel: +49-241-1696-0, www.utimaco.com Seat: Aachen – Registergericht Aachen HRB 18922 VAT ID No.: DE 815 496 496 Managementboard: Malte Pollmann (Chairman) CEO, Dr. Frank J. Nellissen CFO This communication is confidential. We only send and receive email on the basis of the terms set out at https://www.utimaco.com/en/e-mail-disclaimer/


  • 3.  Re: [pkcs11] Groups - pkcs11-profiles-v3.0-wd01.docx uploaded

    Posted 09-19-2018 06:13
    Daniel, I have uploaded a wd02 version of the profiles which I believe addresses all of the items raised and a few more consistency items I noted when addressing your comments. Thanks, Tim. On Thu, Sep 6, 2018 at 2:53 AM Daniel Minder < Daniel.Minder@utimaco.com > wrote: Hi Tim, thanks for providing the Profiles working draft. A quick review: - Note that CK_INTERFACES, CK_FUNCTION_LISTS, C_GetFunctionLists might change based on the discussion of my proposal. This also fixes the wrong section (see your comment on 3.3.2 no 4b) - In 3.3.2 and 3.6.2, it is not necessary to add item 5 Supports the following objects since we already have item 3 with the same name. Thus, CKO_PROFILE can be added there. - In 3.5.2 no 6, shall it actually have the value CKP_EXTENDED_PROVIDER instead of CKP_BASELINE_PROVIDER? If not, remove no 6 since it is inherited from the baseline provider. If yes, can it be integrated in or replace no 4? If not, it should be before no 4 so that both object items are close by. - Since all profile specifications usually contain data types, objects, functions, and mechanisms (even if it just says none specified ) we should data types for authentication tokens and data types and functions for public certificates tokens just for consistency. Thanks, Daniel From: pkcs11@lists.oasis-open.org [mailto: pkcs11@lists.oasis-open.org ] On Behalf Of Tim Hudson Sent: Mittwoch, 5. September 2018 10:30 To: pkcs11@lists.oasis-open.org Subject: [pkcs11] Groups - pkcs11-profiles-v3.0-wd01.docx uploaded Submitter's message Incorporated known updates - adjusted base profile for new functions and attributes; added publicly readable certificate profile (renamed Public Certificates Token profile) Noted that the flag values for CKA_PROFILE_ID are not documented in the base specification (yet). Noted missing CKP_PUBLIC_CERTIFICATES_TOKEN flag value (for the additional profile). -- Tim Hudson Document Name : pkcs11-profiles-v3.0-wd01.docx No description provided. Download Latest Revision Public Download Link Submitter : Tim Hudson Group : OASIS PKCS 11 TC Folder : Working Drafts Date submitted : 2018-09-05 01:29:37 Utimaco IS GmbH Germanusstr. 4, D.52080 Aachen, Germany, Tel: +49-241-1696-0, www.utimaco.com Seat: Aachen Registergericht Aachen HRB 18922 VAT ID No.: DE 815 496 496 Managementboard: Malte Pollmann (Chairman) CEO, Dr. Frank J. Nellissen CFO This communication is confidential. We only send and receive email on the basis of the terms set out at https://www.utimaco.com/en/e-mail-disclaimer/


  • 4.  RE: [pkcs11] Groups - pkcs11-profiles-v3.0-wd01.docx uploaded

    Posted 09-19-2018 11:20




    Tim, all,
     
    thanks, looks good.
     
    It makes sense to have the CKP_* constants with values in the profiles document.
     
    Thanks,
    Daniel
     
    From: Tim Hudson [mailto:tjh@cryptsoft.com]

    Sent: Mittwoch, 19. September 2018 08:12
    To: Daniel Minder <Daniel.Minder@utimaco.com>
    Cc: pkcs11@lists.oasis-open.org
    Subject: Re: [pkcs11] Groups - pkcs11-profiles-v3.0-wd01.docx uploaded
     

    Daniel, I have uploaded a wd02 version of the profiles which I believe addresses all of the items raised and a few more consistency items I noted when addressing your comments.

     


    Thanks,


    Tim.


     


     


    On Thu, Sep 6, 2018 at 2:53 AM Daniel Minder < Daniel.Minder@utimaco.com > wrote:




    Hi Tim,
     
    thanks for providing the Profiles working draft. A quick review:
     
    -          
    Note that CK_INTERFACES, CK_FUNCTION_LISTS, C_GetFunctionLists might change based on the discussion of my proposal. This also fixes the wrong section (see your comment on 3.3.2 no 4b)
    -          
    In 3.3.2 and 3.6.2, it is not necessary to add item 5
    Supports the following objects since
    we already have item 3 with the same name. Thus, CKO_PROFILE can be added there.
    -          
    In 3.5.2 no 6, shall it actually have the value CKP_EXTENDED_PROVIDER instead of CKP_BASELINE_PROVIDER? If not, remove no 6 since it is inherited from the baseline provider. If yes, can
    it be integrated in or replace no 4? If not, it should be before no 4 so that both object items are close by.
    -          
    Since all profile specifications usually contain data types, objects, functions, and mechanisms (even if it just says
    none specified ) we should data types
    for authentication tokens and data types and functions for public certificates tokens just for consistency.
     
    Thanks,
    Daniel
     
    From:
    pkcs11@lists.oasis-open.org [mailto: pkcs11@lists.oasis-open.org ]
    On Behalf Of Tim Hudson
    Sent: Mittwoch, 5. September 2018 10:30
    To: pkcs11@lists.oasis-open.org
    Subject: [pkcs11] Groups - pkcs11-profiles-v3.0-wd01.docx uploaded
     
    Submitter's message
    Incorporated known updates - adjusted base profile for new functions and attributes; added publicly readable certificate profile (renamed Public Certificates Token profile)

    Noted that the flag values for CKA_PROFILE_ID are not documented in the base specification (yet).

    Noted missing CKP_PUBLIC_CERTIFICATES_TOKEN flag value (for the additional profile).

    -- Tim Hudson





    Document Name :

    pkcs11-profiles-v3.0-wd01.docx







    No description provided.

    Download Latest Revision
    Public Download Link







    Submitter : Tim Hudson
    Group : OASIS PKCS 11 TC
    Folder : Working Drafts
    Date submitted : 2018-09-05 01:29:37




     

     




    Utimaco IS GmbH
    Germanusstr. 4, D.52080 Aachen, Germany, Tel: +49-241-1696-0,
    www.utimaco.com
    Seat: Aachen Registergericht Aachen HRB 18922
    VAT ID No.: DE 815 496 496
    Managementboard: Malte Pollmann (Chairman) CEO, Dr. Frank J. Nellissen CFO

    This communication is confidential. We only send and receive email on the basis of the terms set out at
    https://www.utimaco.com/en/e-mail-disclaimer/







    Utimaco IS GmbH
    Germanusstr. 4, D.52080 Aachen, Germany, Tel: +49-241-1696-0, www.utimaco.com
    Seat: Aachen Registergericht Aachen HRB 18922
    VAT ID No.: DE 815 496 496
    Managementboard: Malte Pollmann (Chairman) CEO, Dr. Frank J. Nellissen CFO

    This communication is confidential. We only send and receive email on the basis of the terms set out at https://www.utimaco.com/en/e-mail-disclaimer/