[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [KEYPROV] Issue Tracker Up and Running

Hi Andrea & Ming,

I had a chance to go over the recently merged KeyProv XML schema
"KEYPROV Draft 05-23-2007.xsd" and have a few minor suggestions.

1. Change the name KeyType (in ServerHelloPDU) to KeyAlgorithm so that
it's more consistent with the other elements such as EncryptionAlgorithm
and MacAlgorithm:

Change to this ===>    <xs:element name="KeyAlgorithm"
type="AlgorithmType"/>
                    <xs:element name="EncryptionAlgorithm"
type="AlgorithmType"/>
                    <xs:element name="MacAlgorithm"
type="AlgorithmType"/>
                    <xs:element name="EncryptionKey"
type="ds:KeyInfoType"/>

The current declaration of
          <xs:element name="KeyType" type="AlgorithmType"/>
might look a bit confusing in the concatenated word "Type" for the
element name. It's better to just use concatenated "Type" for type name
like the rest.

2. Same change with SupportedKeyTypes (in ClientHelloPDU) to
SupportedKeyAlgorithms 
for the same reason.

3. There seems to be a typo in SampleClientHelloTwoPass.xml file. Should
the following line:
===>            <ds:KeyName>Key-001></ds:KeyName>
be changed to: 
                    <ds:KeyName>Key-001</ds:KeyName>

Note the trailing ">" character at the end of "Key-001" KeyName in the
current file.

Thanks.

Best Regards,
Shuh Chang
Senior Systems Architect
Security, Network Identity
Gemalto
Tel: +1 512-257-3859
Fax: +1 512-257-3904
8311 North FM 620 Road
Austin, Texas 78726-4001
shuh.chang at gemalto.com
www.gemalto.com


 

> -----Original Message-----
> From: Hannes Tschofenig [mailto:Hannes.Tschofenig at gmx.net] 
> Sent: Thursday, June 07, 2007 3:27 PM
> To: keyprov at ietf.org
> Subject: [KEYPROV] Issue Tracker Up and Running
> 
> Hi all,
> 
> we have installed an issue tracker (see
> http://www.tschofenig.priv.at:8080/keyprov/index) and Ming has 
> added 14 issues, namely:
> 
> * Shall we send authentication ID in a separate field or the 
> same value in part of authentication value? <issue14>
> * Shall we explicitly document how to construct 
> AuthenticationCode over HTTP case? <issue13>
> * Should we use strongly typed message or any type for flexibility? 
> <issue12>
> * How to refer to HOTP and SecurID OTP algorithms? <issue8>
> * Should TokenID and KeyID be string instead of binary? <issue4>
> * Consistent definition about IDs between Keyprov and PSKC: 
> TokenID, DeviceID, and KeyID <issue3>
> * Register PSKC container URI and refer to this in keyprov 
> spec <issue2>
> * Change element names to reflect keyprov and request / 
> response style <issue1>
> * Is special keyprov HTTP header definition required? <issue11>
> * Do we need to provide SOAP binding and where if so? <issue10>
> * Document the relationship between 
> SupportedKeyInitializationMethod and EncryptionMethod in a 
> response message <issue9>
> * Shall we support an option for other response channel such as SMS? 
> <issue7>
> * Refer to EncryptionAlgorithm from ClientHello for the 
> SupportedEncryptionAlgorithms? <issue6>
> * Different approaches used to refer to algorithms in keyprov 
> and PSKC <issue5>
> 
> Btw, I linked the issue tracker with the KEYPROV mailing list 
> (as you have seen from the previous message to the list).
> 
> Ciao
> Hannes
>  
> 
> _______________________________________________
> KEYPROV mailing list
> KEYPROV at ietf.org
> https://www1.ietf.org/mailman/listinfo/keyprov
> 

_______________________________________________
KEYPROV mailing list
KEYPROV at ietf.org
https://www1.ietf.org/mailman/listinfo/keyprov