Presentation is loading. Please wait.

Presentation is loading. Please wait.

KMIP Support for PGP Things to take out Things to put in.

Published byJuliet Campbell Modified over 8 years ago

Similar presentations

Presentation on theme: "KMIP Support for PGP Things to take out Things to put in."— Presentation transcript:

1 KMIP Support for PGP Things to take out Things to put in

2 Remove “PGP Certificate” (2.2.1) Certificate managed object can be of type “PGP” This classification makes no sense to anyone

3 Removal of PGP Certificate Type Changes to KMIP Specification* Section 1.1 - Terminology Remove PGP Certificate from Terminology list Replace with a PGP Key and other appropriate PGP related definitions Section 2.2.1 - Certificate Remove third sentence of first paragraph which discusses PGP certificates Add appropriate deprecation text Section 3.8 – Certificate Type Remove references to a PGP certificate type Add appropriate deprecation text Section 3.13 – Certificate Issuer Deprecated in v1.1 leave text as is? Section 3.14 – Certificate Subject Deprecated in v1.1 leave text as is? Section 3.16 – Digital Signature Algorithm Remove reference to PGP certificates in table Replace with a reference to new PGP Key object? Section 4.7 – Certify Remove references to a PGP certificate type Add appropriate deprecation text Section 4.8 – Re-Certify Remove references to a PGP certificate type Add appropriate deprecation text Section 9.1.3.2.6 – Certificate Type Enumeration Remove the enumeration (00000002) for PGP Add appropriate deprecation text Section 9.1.3.2.22 – Certificate Request Type Enumeration Remove the enumeration (00000004) for PGP Add appropriate deprecation text * References to PGP certificates also need to be removed from other KMIP documents (e.g. Usage Guide, etc.)

4 Add PGP Key Type (2.2.x) A new object type. A keyblock value (opaque blob) A version number (generally 3 or 4)

5 Add Alternative Name Attribute (3.y) Similar in structure to current Name Will have a type, suggested to following RFC 5280 types Unstructured Email address DNS name URL DN IP address Will have a value Will not be unique across a key management domain Applicable to all managed objects

6 Add New Link Types (9.1.3.2.20) Parent Child Previous Next These can describe hierarchical and sibling relationships between keys. Open question about what to do with Certificate link type: deprecate for parent / child, or keep?

Download ppt "KMIP Support for PGP Things to take out Things to put in."

Similar presentations

RPKI Certificate Policy Status Update Stephen Kent.

RPKI Certificate Policy Status Update Stephen Kent.
XML IV. The Document Object Model The Document Object model is a hierarchical structure of an XML document. It provides a means for accessing, and manipulating.

XML IV. The Document Object Model The Document Object model is a hierarchical structure of an XML document. It provides a means for accessing, and manipulating.
UNIT 13 Time Clauses. How do we show the time relationship between two sentences? We often use time words like: When Until Before After As / While Once.

UNIT 13 Time Clauses. How do we show the time relationship between two sentences? We often use time words like: When Until Before After As / While Once.
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E IEPG March 2000 APNIC Certificate Authority Status Report.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E IEPG March 2000 APNIC Certificate Authority Status Report.
Cryptography and Network Security Chapter 14

Cryptography and Network Security Chapter 14
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
RPKI Certificate Policy Stephen Kent, Derrick Kong, Ronald Watro, Karen Seo July 21, 2010.

RPKI Certificate Policy Stephen Kent, Derrick Kong, Ronald Watro, Karen Seo July 21, 2010.
Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 67.

Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 67.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
RPKI Validation - Revisited draft-huston-rpki-validation-01.txt Geoff Huston George Michaelson APNIC Slide 1/19.

RPKI Validation - Revisited draft-huston-rpki-validation-01.txt Geoff Huston George Michaelson APNIC Slide 1/19.
© 2009 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice KMIP Key Naming for Removable Media.

© 2009 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice KMIP Key Naming for Removable Media.
Chapter 4 Authentication Applications. Objectives: authentication functions developed to support application-level authentication & digital signatures.

Chapter 4 Authentication Applications. Objectives: authentication functions developed to support application-level authentication & digital signatures.
HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.

HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E 36th RIPE Meeting Budapest 2000 APNIC Certificate Authority Status Report.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E 36th RIPE Meeting Budapest 2000 APNIC Certificate Authority Status Report.
Public Key Distribution and X.509 Wade Trappe. Distribution of Public Keys There are several techniques proposed for the distribution of public keys:

Public Key Distribution and X.509 Wade Trappe. Distribution of Public Keys There are several techniques proposed for the distribution of public keys:
DNS-centric PKI Sean Turner Russ Housley Tim Polk.

DNS-centric PKI Sean Turner Russ Housley Tim Polk.
S/MIME Email and PKI Dartmouth College PKI Lab. What Is S/MIME? RFC 2633 (S/MIME Version 3)RFC 2633 Extensions to MIME Uses PKI certificates, keys, and.

S/MIME and PKI Dartmouth College PKI Lab. What Is S/MIME? RFC 2633 (S/MIME Version 3)RFC 2633 Extensions to MIME Uses PKI certificates, keys, and.

Similar presentations

Ads by Google