OASIS Open

National Security Agency

Yes

"Supporting Rekey"
* There seems to be no reason for the order of table yy. Suggest ordering by referenced section number. (I realize the symmetric key table has no reason)
* Table yy, in the Action for State, do you want to point to table xx for asymmetric keys, instead of table 113?
* Table zz, I don't understand how the server knows which key pair to re-key if no uid is passed. All re-key examples in the use cases doc provide uuidKey as input. Is this for batched requests?
* Do you want to say anything about the server getting a new certificate to go along with the new keys in the new Re-Key Key Pair section of Section 4?

"Certificate Request"
* What's the difference between cert update using Certify and Re-Certify?
* Table 121, I'd prefer the footnote below the table be included in the Description column to make sure it is understood (in both the UId and Cert Req rows)
* Table 125, as above, how does the server know which cert to Re-Certify if no input is required from the client?