Ballot Details: RNG - go forward strategy (CLOSED)
|Ballot Question||Which way do we move forward around RNG prescription in various operations?|
|Ballot Description||There are two different approaches to addressing how to describe/select/seed/... RNGs in KMIP:
1. Enhancements to query and use of attributes to prescribe RNGs during usage
2. RNG as an object with its set of operations and changes to other operations
VOTING CLOSED: Thursday, 9 January 2014 @ 11:00 am PST
|Open Date||Wednesday, 1 January 2014 @ 11:00 am PST|
|Close Date||Thursday, 9 January 2014 @ 11:00 am PST|
|Number of votes cast (excluding abstentions)||29|
|Eligible members who have voted||29 of 33||87 29/33%|
|Eligible members who have not voted||4 of 33||12 4/33%|
|Options with highest number of votes are bold|
|Option||# Votes||% of Total|
|Query enhancements + Attributes||26||89 19/29%|
|Both 1 & 2||3||10 10/29%|
|Voter Name||Company||Vote||Time (UTC)||Comments|
|Bartell, Jeff||Semper Fortis Solutions, LLC.||Query enhancements + Attributes||2014-01-02 14:18:00|
|Benjamin, Tom||IBM||Query enhancements + Attributes||2014-01-07 14:21:00|
|Brand, Joseph||Semper Fortis Solutions, LLC.||Query enhancements + Attributes||2014-01-02 14:53:00|
|Burns, Robert||Thales e-Security||Query enhancements + Attributes||2014-01-06 19:19:00|
|Cox, Tony||Cryptsoft Pty Ltd.||Query enhancements + Attributes||2014-01-01 22:04:00||1|
|Furlong, Judith||EMC||Query enhancements + Attributes||2014-01-08 19:22:00|
|Gleeson, Susan||Oracle||Query enhancements + Attributes||2014-01-07 17:44:00|
|Hudson, Tim||Cryptsoft Pty Ltd.||Query enhancements + Attributes||2014-01-02 11:36:00||1|
|Joseph, Mark||P6R, Inc||Query enhancements + Attributes||2014-01-01 22:37:00||1|
|Kriese, Kathy||Symantec Corp.||Query enhancements + Attributes||2014-01-02 18:00:00|
|Lockhart, Hal||Oracle||Query enhancements + Attributes||2014-01-07 19:14:00|
|Lockhart, Robert||Thales e-Security||Query enhancements + Attributes||2014-01-06 19:45:00||1|
|Peck, John||IBM||Query enhancements + Attributes||2014-01-07 00:25:00|
|Rich, Bruce||IBM||Query enhancements + Attributes||2014-01-06 22:55:00|
|Robbins, Warren||Dell||Query enhancements + Attributes||2014-01-06 14:31:00|
|Robinson, Rick||IBM||Query enhancements + Attributes||2014-01-06 23:55:00|
|Saha, Saikat||Oracle||Query enhancements + Attributes||2014-01-08 21:09:00|
|Sankuratripati, Subhash||NetApp||Query enhancements + Attributes||2014-01-08 21:13:00|
|Soman, Amruta||Cryptsoft Pty Ltd.||Query enhancements + Attributes||2014-01-01 23:48:00|
|Thota, Kiran||VMware, Inc.||Query enhancements + Attributes||2014-01-02 23:45:00||1|
|Turajski, Nathan||Thales e-Security||Query enhancements + Attributes||2014-01-04 00:38:00|
|White, Charles||Semper Fortis Solutions, LLC.||Query enhancements + Attributes||2014-01-02 12:59:00|
|Yellepeddy, Krishna||IBM||Query enhancements + Attributes||2014-01-09 12:50:00|
|Ying, Catherine||SafeNet, Inc.||Query enhancements + Attributes||2014-01-02 17:48:00|
|Yoder, Michael||Vormetric, Inc.||Query enhancements + Attributes||2014-01-01 21:02:00|
|Zdunkiewicz, Magda||Cryptsoft Pty Ltd.||Query enhancements + Attributes||2014-01-01 21:53:00|
|Armstrong, Warren||QuintessenceLabs Pty Ltd.||Both 1 & 2||2014-01-04 10:08:00|
|Leiseboer, John||QuintessenceLabs Pty Ltd.||Both 1 & 2||2014-01-02 12:24:00||1|
|Robinson, Peter||EMC||Both 1 & 2||2014-01-08 04:45:00|
|Chong, Kenli||QuintessenceLabs Pty Ltd.||--|
|Jenkins, Michael||National Security Agency||--|
|Kingston, Stephen||SafeNet, Inc.||--|
|Wong, Jin||QuintessenceLabs Pty Ltd.||--|
|Query enhancements + Attributes||RNG object, as I understand it, will need more serious thought and changes in the spec. Will be a good candidate to investigate for a major revision and not 1.3.
|Query enhancements + Attributes||I do not believe that creating a full object and attributes for RNG would fall under what we are trying to do in OASIS KMIP TC. I believe that it falls too far inside implementation which is best left for organizations to determine. I have no issue with RNG being an attribute of an object but not a full object itself.
In most organizations, RNGs are local to where the key is generated (either the device itself or the key manager). In the cases where it is a third entity, it is usually enforced by the application or the organization and therefor should not fall under KMIP as anything other than a way to identify where the key object was generated as an attribute.
|Query enhancements + Attributes||Lets not go over ground that has already been decided. We need to add other items to the protocol and should not waste time on old issues.
Cryptsoft Pty Ltd.
|Query enhancements + Attributes||I'm unsure how Random can neatly fit within the definition of an Object, given that Objects are immutable in KMIP. From my standpoint it would appear every operation that involves an Object would need to be reconsidered, if only to include a "is this a Random type Object?" check in order to do something different.
Cryptsoft Pty Ltd.
|Query enhancements + Attributes||Changing the approach for RNG to be an object would be inconsistent with the KMIP model and the decisions already made as part of KMIP-1.2 and without substantial reasons to change we should not be changing the approach in KMIP-1.3 IMHO
QuintessenceLabs Pty Ltd.
|Both 1 & 2||The query enhancements are compatible with the RNG Object proposal, however they do not provide the more complete protection and assurance of the RNG Object proposal.