Re: PKCS#11 URI slot attributes & last call
Nikos Mavrogiannopoulos <nmav@gnutls.org> Thu, 18 December 2014 11:06 UTC
Return-Path: <n.mavrogiannopoulos@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E01061A6FD1; Thu, 18 Dec 2014 03:06:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fUSMuy-St1GH; Thu, 18 Dec 2014 03:06:39 -0800 (PST)
Received: from mail-wg0-x234.google.com (mail-wg0-x234.google.com [IPv6:2a00:1450:400c:c00::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C70C61A6FBC; Thu, 18 Dec 2014 03:06:38 -0800 (PST)
Received: by mail-wg0-f52.google.com with SMTP id x12so1266573wgg.25; Thu, 18 Dec 2014 03:06:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:message-id:subject:from:to:cc:date:in-reply-to:references :content-type:mime-version:content-transfer-encoding; bh=bSp1vRqj+AQZLBJMSS9lbWmW29h3FxmtcPxoe42Hm2Q=; b=VaBkWKgq6E0K2HVMCj6jEGsBBo+UUtOb1/Kb8iFaIHrurfoow/Q48vwGb2fE7zkwxj BzuvsrPFwIFGvDalISHbcinebpqdAe1QHIwf/XHMNmGF8s4kotu7LcRK9HewA5i6KB3m zhMQoov1odTAJXp7veQRVG0Ef+0Lw3vRyfVIr1CE7vk6GS7O/r05uEKRqPToN3ZMf9qn RAFSUGgXfIob6r8e/FJhUZM7MH12OcEHQjQrlGSRB2FlRA1CEUwXHhMFYhI5I/XRnmvh Q4m4WozbZFzs8rd3ssQAgxxICnnPOHXrArO+0QW/8BCwyiAyll2pcTK2XBPM8+sXtBWh ZXdQ==
X-Received: by 10.194.71.203 with SMTP id x11mr3016798wju.131.1418900796782; Thu, 18 Dec 2014 03:06:36 -0800 (PST)
Received: from aspire.lan (77.49.75.59.dsl.dyn.forthnet.gr. [77.49.75.59]) by mx.google.com with ESMTPSA id p1sm8510343wjy.22.2014.12.18.03.06.34 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 18 Dec 2014 03:06:35 -0800 (PST)
Sender: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Message-ID: <1418900792.7577.5.camel@gnutls.org>
Subject: Re: PKCS#11 URI slot attributes & last call
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
To: Jan Pechanec <jan.pechanec@oracle.com>
Date: Thu, 18 Dec 2014 13:06:32 +0200
In-Reply-To: <alpine.GSO.2.00.1412172154150.14405@rejewski>
References: <alpine.GSO.2.00.1412161359100.4549@keflavik> <CAB6OCMvGxT99cGGBSBbz=XU2+F1xRzBa97z6dY-qPSJk1GWXyQ@mail.gmail.com> <20141217230150.GB9443@localhost> <CAB6OCMvkPSfNYqftAgbcN5KrG7kxb5ooico205O6EffcsU8SwQ@mail.gmail.com> <20141218000736.GL9443@localhost> <alpine.GSO.2.00.1412171614240.4549@keflavik> <CAB6OCMsAdTarz5XBHgTnU=v9qweS5B6mk-tb7Gbf7kwkDFBDMg@mail.gmail.com> <20141218004717.GN9443@localhost> <alpine.GSO.2.00.1412171704530.4549@keflavik> <20141218012300.GP9443@localhost> <alpine.GSO.2.00.1412172154150.14405@rejewski>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.12.8 (3.12.8-1.fc21)
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/3kY3EyyHBe711R76mOc7vsG1OYA
Cc: Darren J Moffat <Darren.Moffat@oracle.com>, Stef Walter <stef@thewalter.net>, Jaroslav Imrich <jaroslav.imrich@gmail.com>, ietf@ietf.org, saag@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Dec 2014 11:06:52 -0000
On Wed, 2014-12-17 at 22:54 -0800, Jan Pechanec wrote: > + Slot ID is a Cryptoki-assigned number that is not guaranteed stable > + across PKCS#11 module initializations. However, slot description and > + manufacturer ID may not be enough to uniquely identify a specific > + reader. In situations where slot information is necessary use of > + "slot-id" attribute may be justified if sufficient slot ID stability > + is provided in the PKCS#11 provider itself or externaly. Hello Jan, I'd like to propose the following text instead: "Slot ID is a Cryptoki-assigned number that is not guaranteed stable across PKCS#11 module initializations. However, there are certain libraries and modules which provide stable slot numbers and descriptions. For these cases, when the manufacturer ID is not sufficient to uniquely identify a specific reader, the slot information could be used to increase the precision of the token identification. In other scenarios, using the slot identifiers is likely to cause usability issues." That text discusses both the benefits and the risks. regards, Nikos
- Re: slot attributes & last call Nico Williams
- Re: PKCS#11 URI slot attributes & last call Nico Williams
- Re: slot attributes & last call Nico Williams
- Re: slot attributes & last call Nico Williams
- Re: slot attributes & last call Nico Williams
- Re: PKCS#11 URI slot attributes & last call Nikos Mavrogiannopoulos
- Re: [saag] PKCS#11 URI slot attributes & last call Stephen Farrell
- Re: slot attributes & last call Nico Williams
- Re: PKCS#11 URI slot attributes & last call Jan Pechanec
- Re: slot attributes & last call Darren J Moffat
- Re: PKCS#11 URI slot attributes & last call Darren J Moffat
- Re: slot attributes & last call Jan Pechanec
- Re: PKCS#11 URI slot attributes & last call Jan Pechanec
- Re: PKCS#11 URI slot attributes & last call Jan Pechanec
- Re: PKCS#11 URI slot attributes & last call Jan Pechanec
- Re: slot attributes & last call Jan Pechanec
- Re: PKCS#11 URI slot attributes & last call Jan Pechanec
- Re: slot attributes & last call Jaroslav Imrich
- Re: slot attributes & last call Jaroslav Imrich
- Re: slot attributes & last call Nikos Mavrogiannopoulos
- Re: slot attributes & last call Jan Pechanec
- Re: [saag] PKCS#11 URI slot attributes & last call Henry B (Hank) Hotz, CISSP
- Re: [saag] PKCS#11 URI slot attributes & last call Nico Williams
- Re: PKCS#11 URI slot attributes & last call Nico Williams
- Re: [saag] PKCS#11 URI slot attributes & last call Jan Pechanec
- Re: PKCS#11 URI slot attributes & last call Jan Pechanec
- Re: PKCS#11 URI slot attributes & last call Nico Williams
- Re: PKCS#11 URI slot attributes & last call Nico Williams
- Re: [saag] PKCS#11 URI slot attributes & last call Nico Williams
- Re: PKCS#11 URI slot attributes & last call Patrik Fältström
- Re: PKCS#11 URI slot attributes & last call Nico Williams
- Re: PKCS#11 URI slot attributes & last call Patrik Fältström
- NF* (Re: PKCS#11 URI slot attributes & last call) Nico Williams
- Re: NF* (Re: PKCS#11 URI slot attributes & last c… Patrik Fältström
- Re: NF* (Re: PKCS#11 URI slot attributes & last c… Nico Williams
- Re: NF* (Re: PKCS#11 URI slot attributes & last c… Patrik Fältström
- Re: NF* (Re: PKCS#11 URI slot attributes & last c… Nico Williams
- i18n requirements (was: Re: NF* (Re: PKCS#11 URI … John C Klensin
- Re: i18n requirements (was: Re: NF* (Re: PKCS#11 … Nico Williams
- Re: PKCS#11 URI slot attributes & last call Jan Pechanec
- Re: [saag] PKCS#11 URI slot attributes & last call Jan Pechanec
- Re: [saag] PKCS#11 URI slot attributes & last call Nico Williams
- Re: PKCS#11 URI slot attributes & last call Jan Pechanec
- Re: PKCS#11 URI slot attributes & last call Jan Pechanec
- Re: [saag] PKCS#11 URI slot attributes & last call Jan Pechanec
- Re: i18n requirements (was: Re: NF* (Re: PKCS#11 … Nico Williams
- Re: i18n requirements (was: Re: NF* (Re: PKCS#11 … Patrik Fältström
- Re: i18n requirements (was: Re: NF* (Re: PKCS#11 … John C Klensin
- Re: i18n requirements (was: Re: NF* (Re: PKCS#11 … Patrik Fältström
- Re: i18n requirements (was: Re: NF* (Re: PKCS#11 … Nico Williams
- Re: i18n requirements (was: Re: NF* (Re: PKCS#11 … Jan Pechanec
- Re: NF* (Re: PKCS#11 URI slot attributes & last c… Jan Pechanec
- Re: NF* (Re: PKCS#11 URI slot attributes & last c… Nico Williams
- Re: i18n requirements (was: Re: NF* (Re: PKCS#11 … Jan Pechanec
- Re: [saag] i18n requirements (was: Re: NF* (Re: P… Jan Pechanec
- RE: [saag] i18n requirements (was: Re: NF* (Re: P… Christian Huitema
- RE: [saag] i18n requirements (was: Re: NF* (Re: P… Jan Pechanec
- Re: [saag] i18n requirements (was: Re: NF* (Re: P… Jaroslav Imrich
- Re: i18n requirements (was: Re: NF* (Re: PKCS#11 … Jan Pechanec
- Re: i18n requirements (was: Re: NF* (Re: PKCS#11 … Jan Pechanec
- Re: i18n requirements (was: Re: NF* (Re: PKCS#11 … John C Klensin
- My IESG Eval for draft-pechanec-pkcs11uri-19 (Was… Pete Resnick
- Re: My IESG Eval for draft-pechanec-pkcs11uri-19 … John C Klensin