Ballot Details: CKA_PUBLIC_KEY_INFO proposal (CLOSED)

Ballot Question Do you accept the proposal for CKA_PUBLIC_KEY_INFO?
Ballot Description Do you accept the proposal for CKA_PUBLIC_KEY_INFO as posted by Mike StJohns on 11-Jun-2013 at https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/49502/pkcs11-cka-public-key-info-r4.docx (also attached to this ballot as reference item)?
Ballot Options
VOTING CLOSED: Tuesday, 9 July 2013 @ 9:00 pm EDT
Yes 12 70 10/17
No 5 29 7/17
Abstain 4
Open Date Thursday, 27 June 2013 @ 7:00 am EDT
Close Date Tuesday, 9 July 2013 @ 9:00 pm EDT

Referenced Items

Name Type Date

pkcs11-cka-public-key-info-r4.docx

  • Folder: Working Drafts
  • Group: OASIS PKCS 11 TC
  • State: Draft
  • 29K
  • 34 downloads

A description of an attribute which encodes the public key information for any of a public key, private key or certificate. The primary use of this attribute is to ensure that a public key may be recovered from a private key, irrespective of the presence or availability of a public key object.

page=ballotrefitems&type=document
pkcs11-cka-public-key-info-r4.docx Document 2013-06-11

Voting Statistics

Number of votes cast (excluding abstentions) 17
Eligible members who have voted 21 of 34 61 13/17%
Eligible members who have not voted 13 of 34 38 4/17%

Voting Summary by Option

Options with highest number of votes are bold
Option # Votes % of Total
Yes 12 70 10/17%
No 5 29 7/17%
Abstain 4

Voting Details

Voter Name Company Vote * Time (UTC) Comments
* Griffin, Robert EMC Yes 2013-06-27 11:02:00
* Gutmann, Peter Individual Yes 2013-07-04 06:47:00
* Hudson, Tim Cryptsoft Pty Ltd. Yes 2013-06-27 11:22:00
* Janssen, Gershon Individual Yes 2013-07-09 16:18:00
* Krahn, Darren Google Inc. Yes 2013-06-27 17:19:00
* Leiseboer, John QuintessenceLabs Pty Ltd. Yes 2013-07-04 02:40:00
* Relyea, Robert Red Hat Yes 2013-07-09 22:58:00
* So, Oscar Oracle Yes 2013-07-09 18:03:00
* StJohns, Michael Individual Yes 2013-06-27 15:41:00
* Turnes, Walter-John Gemini Security Solutions, Inc. Yes 2013-07-03 19:42:00
* Walter, Stef Red Hat Yes 2013-06-27 11:09:00
* Zimman, Chris Bloomberg Finance L.P. Yes 2013-07-05 20:04:00
* Burns, Robert Thales e-Security No 2013-07-08 16:28:00
* Cox, Tony Cryptsoft Pty Ltd. No 2013-07-03 19:49:00
* Jivsov, Andrey Symantec Corp. No 2013-06-27 18:20:00 1
* Temme, Sander Thales e-Security No 2013-07-09 16:48:00
* Zdunkiewicz, Magda Cryptsoft Pty Ltd. No 2013-07-01 21:48:00
* Fenwick, Valerie Oracle Abstain 2013-07-08 21:47:00
* Kurktchi, Dina Oracle Abstain 2013-07-03 19:19:00
* Powers, Mark Oracle Abstain 2013-07-09 19:27:00
* Siravara, Radhika Oracle Abstain 2013-07-09 17:54:00
* Bartok, Peter Venafi, Inc. --
* Chang, Wan-Teh Google Inc. --
* Cheng, Janice Vormetric, Inc. --
* Cohen, Doron SafeNet, Inc. --
* Duane, Christopher EMC --
* Gleeson, Susan Oracle --
* Knight, Mark Thales e-Security --
* Krasnov, Alex Infineon Technologies AG --
* Lockhart, Hal Oracle --
* Puri, Ajai SafeNet, Inc. --
* Smith, David Venafi, Inc. --
* Smith, Ryan Futurex --
* Stevens, Michael QuintessenceLabs Pty Ltd. --

Voter Comments

Submitter Vote Comment
Jivsov, Andrey
Symantec Corp.
No CKA_PUBLIC_KEY_INFO adds an alternative packaging for a subset of CKO_PUBLIC_KEY fields. This brings substantial complexity that may not be obvious. There are many ways to create and validate CKA_PUBLIC_KEY_INFO, especially for more complex keys such as ECC. PKCS#11-defined attributes are well-understood, e.g. { CKA_MODULUS, CKA_PUBLIC_EXPONENT} for RSA, and now modules and application will need to package them in a new way, which is undefined in this proposal. The introduction of this parallel encoding is effectively the standardisation of DER encoding as a requirement for clients, which will harm applications with very limited X.509/DER parsing capability.