OASIS PKCS 11 TC

  • 1.  PKCS#11 URI syntax registration

    Posted 03-25-2013 16:23
    Some of you on this list might be aware that Oracle and some other consumers/providers of the PKCS#11 API have been working on registering a URI syntax for referencing PKCS#11 entities. Since URI registration is normally handled by IETF this was done via that standards body, this was also started while the PKCS#11 working group in its old form was basically defunct. Now that we have an active PKCS#11 community at OASIS I wanted to make sure everyone was aware of this work. The latest draft can be found here: http://www.ietf.org/id/draft-pechanec-pkcs11uri-09.txt It has had review via the IETF process and is believed to be basically complete and in the last stage before registration. We already use this URI syntax in various parts of Oracle Solaris and it is known to be used in a few other PKCS#11 implementations as well. -- Darren J Moffat


  • 2.  RE: [pkcs11] PKCS#11 URI syntax registration

    Posted 03-25-2013 16:34
    Classification: Thales e-Security INTERNAL It might be a good thing to revisit this in conjunction with OASIS KMIP for creating a common set of identifiers for tokens, objects, libraries, keys and other items. This may save some time and effort although we may want to open the URI up to more than just PKCS11 identifiers in order to support KMIP objects as well not defined or mappable into the current flavor. I would like to discuss it on the next PKCS11 if possible. Bob L. Robert A. (Bob) Lockhart THALES e-Security, Inc. ________________________________________ From: pkcs11@lists.oasis-open.org [pkcs11@lists.oasis-open.org] On Behalf Of Darren J Moffat [Darren.Moffat@Oracle.COM] Sent: Monday, March 25, 2013 09:22 To: pkcs11@lists.oasis-open.org Subject: [pkcs11] PKCS#11 URI syntax registration Some of you on this list might be aware that Oracle and some other consumers/providers of the PKCS#11 API have been working on registering a URI syntax for referencing PKCS#11 entities. Since URI registration is normally handled by IETF this was done via that standards body, this was also started while the PKCS#11 working group in its old form was basically defunct. Now that we have an active PKCS#11 community at OASIS I wanted to make sure everyone was aware of this work. The latest draft can be found here: http://www.ietf.org/id/draft-pechanec-pkcs11uri-09.txt It has had review via the IETF process and is believed to be basically complete and in the last stage before registration. We already use this URI syntax in various parts of Oracle Solaris and it is known to be used in a few other PKCS#11 implementations as well. -- Darren J Moffat --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php


  • 3.  Re: [pkcs11] PKCS#11 URI syntax registration

    Posted 03-25-2013 16:41
    On 03/25/13 16:35, Lockhart, Robert wrote: Classification: Thales e-Security INTERNAL It might be a good thing to revisit this in conjunction with OASIS KMIP for creating a common set of identifiers for tokens, objects, libraries, keys and other items. This may save some time and effort although we may want to open the URI up to more than just PKCS11 identifiers in order to support KMIP objects as well not defined or mappable into the current flavor. I would like to discuss it on the next PKCS11 if possible. A URI syntax for KMIP seems like a good idea but I think they should be separate from the pkcs11 uri - particularly since the pkcs11 one is already in use in multiple systems. -- Darren J Moffat