-
Notifications
You must be signed in to change notification settings - Fork 25
3.0WorkItems
Bob Relyea edited this page Mar 3, 2025
·
4 revisions
Proposers should plan to review the relevant sections of the updated documents related to their proposed changes, to make sure all updates are made correctly. If proposer is no longer active in TC, the chairs and secretary will ask someone else to cover the review. The reviewer should verify the content, including any amendments made by voice vote, were included correctly in both the specification document and header files (if applicable). Change first cell to after ALL work is completed (approved by TC, added to specification and header file, changes reviewed).
| Proposer(s) | Issue Summary | Description | Link(s) to Proposal | Date(s) Approved | Links to Ballots and/or Minutes where approved | Added to Which Document by Editor(s) | Content reviewed by whom during committee review/Date | Header File Reviewed By |
|---|---|---|---|---|---|---|---|---|
| Valerie | Example | Example for how to use table | No links | 26 May 2017 | Imaginary ballot | Base Spec/Chris Z | Valerie/30 May 2017 | Valerie |
| Mark Powers | AES XTS Mode | Correct/update XTS mode proposal originally included in 2.40 draft. Additional changes were approved, based on comments by Dieter on the ballot. | http://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/58596/AES-XTS.pdf | 7 Sept 2017 with amendments | See ballot comments: https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=2969 Minutes with motion to remove wrapping flags(Motion to clear the wrap & unwrap flags from the AES-XTS proposal if it passes) | Current Mech. Draft 02 | Dieter Bong / Oct 2018 | - |
| Bob Relyea | AEAD | Updates to support AEAD: 1) function table extension 2) Define new AED functions 3) AES_GCM/CCM update. | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/57976/AEAD_proposal.doc https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/60202/new_functions_proposal(1).doc https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/60201/aes_gcm_proposal.doc (I think this link should be https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/60497/aes_gcm_proposal.doc ) | 12 April 2017 | https://wiki.oasis-open.org/pkcs11/Meetingminutes/Minutes12042017 (Motion to accept Bob's proposals) | Base WD 02 / Current Mech WD 02 | Dieter Bong, Daniel Minder / Feb 2019 | - |
| Bob Relyea | SHA3/SHAKE | Update the spec with SHA-3 and SHAKE support | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/58556/SHA_3_draft_4.doc | 8 August 2016 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=2955 | Base WD 02 / Current Mech WD 03 | Dieter Bong / Oct 2018 | - |
| Darren Johnson | C_EncryptCancel | Introduce an API that can be used to cancel a single or all operations that have been initialized in a given session. | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/60638/C_EncryptCancel_draft3%20w%20editorial%20updates.docx | 12 April 2017 with amendments | https://wiki.oasis-open.org/pkcs11/Meetingminutes/Minutes12042017 | Base WD 05 | Was present in 04 as well | |
| Darren Johnson | SHA1 and SHA2 updates | Update/correct SHA1 and SHA2 sections | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/59423/sha1_and_sha2_updates_draft2.doc | 4 November 2016 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3008 | Current Mech WD 03 | Dieter Bong / Oct 2018 | - |
| Tim Hudson | C_LoginUser | Add a user based login function | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/60506/pkcs11-base-v2.40-loginuser-v1-changes.pdf | 31 May 2017 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3074 | Base WD 02 | Daniel Minder / Mar 2019 | - |
| Dieter Bong | AES Key Wrap | Clarify padding in CKM_AES_KEY_WRAP_PAD, add CKM_AES_KEY_WRAP_KWP | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/61151/AES%20KEY%20WRAP%20proposal_Approved.zip | 26 April 2017 | https://wiki.oasis-open.org/pkcs11/Meetingminutes/Minutes26042017 | Current Mech WD 03 | Dieter Bong, 9 January 2018: OK | - |
| Dieter Bong | ECDH Key Derivation | KDF acc. SP800-56A rev.2. For the final version, I suggest to replace CKD_..._KDF_SP800 by CKD_..._KDF_SP800_56A, to avoid confusion with constants CKM_SP800_108_... in Darren’s Flexible KDF proposal. | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/61152/PKCS11_KDF_Proposal_Approved.zip | 7 September 2016 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=2970 | Current Mech WD 03 | Dieter Bong, 9 January 2018: OK, but added definitions for SHA2 KDFs in table 34 | - |
| David Gascon / Daniel Minder | GCM/CCM/GMAC corrections | Deletion of duplicate content; correction of errors, partly editorial, and inconsistencies with standards | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/60870/PKCS11_curr_GMAC_corrections_rev3.docx | 3 October 2017 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3123 | Curr Mech WD03 | Daniel Minder 13 June 2018: not ok. Correction proposal sent to mailing list on 12 Jan 2019. Dieter Bong / Mar 2019 OK | - |
| Bob Relyea | Provisioning | Create a way to determine what Profile a card uses. Add a profile to indicate a applications can read certs from a card without logging in. | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/60802/profile_objects.doc https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/60813/publicly_readable_profile.doc | 11 October 2017 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3127 (with corrections see ballot comments corrections approved in the meeting of November 8) | Base WD 02 | Dieter Bong / Oct 2018 | - |
| Bob Relyea | Provisioning | Add a profile to indicate a applications can read certs from a card without logging in. | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/60813/publicly_readable_profile.doc | 11 October 2017 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3127 (with corrections see ballot comments corrections approved in the meeting of November 8) | Profile WD01 (TODO) | - | - |
| Darren Johnson | SP-800-108 | improvements to the PKCS#11 standard for complying with SP-800-108 with flexible KDF | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/61911/FlexibleSymmetricKDF_draft5.docx | 4 October 2017 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3125 (with corrections - see ballot comments) | Curr Mech WD06 | Darren Johnson, Daniel Minder / Aug 2018 | - |
| Bob Relyea | Definitions for CKD_SHA224_KDF, CKD_SHA256_KDF, CKD_SHA384_KDF, CKD_SHA512_KDF and CKD_CPDIVERSIFY_KDF | These identifiers appeared in the 2.40e1 header files, but were not defined in the specification. They seemed to have come in with the 2.30 work that was not fully complete. This proposal seeks to add the correct definitions to the standard. This addresses a public comment against PKCS11 2.40 errata 1 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/60820 https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/60819/GOST_update.doc/SHA_ECC_KDF.doc | 4 October 2017 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3124 (with corrections - see ballot comments) | Curr Mech WD03 | Dieter Bong / Oct 2018 | - |
| Darren Johnson | EC Key generation With Extra Bits | Defines an EC key pair generation mechanism that corresponds to the method defined in FIPS 186-4 Appendix B.4.1, which uses “extra bits”. | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/61910/EC_KeyGen_w_Extra_Bits_draft2.docx | 27 November 2017 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3160 | Curr Mech WD06 | Dieter Bong / Oct 2018 | - |
| Tim Hudson | CKA_DERIVE_TEMPLATE | Addition of CKA_DERIVE_TEMPLATE | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/60505/pkcs11-base-v2.40-derive-template-v1-changes.pdf | 31 May 2017 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3075 | Base Spec WD02 | - | - |
| Tim Hudson | Array Attribute | - | https://www.oasis-open.org/apps/org/workgroup/pkcs11/document.php?document_id=61978 | 27 November 2017 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3150 | Base Spec WD02 / Base Spec WD04 | - | - |
| Tony Cox | v2.40 Errata - Item 13 - ck-ecdh2-derive-params | - | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/61980/latest/ck-ecdh2-derive-params_tc.docx | 27 November 2017 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3145 | Curr Mech WD03 / Base Spec WD04 | Dieter Bong / May 2019 | - |
| Tony Cox | v2.40 Errata - Item 13 - ck-tls-prf-params | - | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/61981/latest/ck-tls-prf-params_tc.docx | 27 November 2017 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3146 | Curr Mech WD03 | - | - |
| Tony Cox | v2.40 Errata - Item 13 - ck-camellia-ctr-params | - | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/61982/latest/ck-camellia-ctr-params_tc.docx | 27 November 2017 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3147 | Curr Mech WD06 | - | - |
| Tony Cox | v2.40 Errata - Item 21 - ckm-tls12-kdf | - | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/61979/latest/ckm-tls12-kdf_tc.docx | 27 November 2017 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3148 | Curr Mech WD06 | Dieter Bong / Oct 2018 | - |
| Bob Relyea / Dieter Bong | v2.40 Errata - Item 16 - Add definitions for ECDSA SHA2 and SHA3 mechanisms | - | https://www.oasis-open.org/apps/org/workgroup/pkcs11/document.php?document_id=62006 | 27 November 2017 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3152 | Curr Mech WD03 | Dieter Bong / Oct 2018 | - |
| Darren Johnson / Dieter Bong | Additional ECC Curves | Support for Edwards/Montgomery Curves | https://www.oasis-open.org/apps/org/workgroup/pkcs11/document.php?document_id=62198 https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/62058/eddsa_notes_Additional_EC_Key_Types_draft2.docx | 27 November 2017 and 17 January 2018 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3160 https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3160 | Curr Mech WD05 | F2F Meeting March 2019 | - |
| Stefan Marsiske | Extended Chacha20/Salsa20 | Extend original ChaCha20/Poly1305 proposal with other ChaCha20/Salsa20 variants, add AEAD mode | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/62730/CC20_P1305_extended_Proposal.doc | 16 April 2018 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3196 | Curr Mech WD05 | Dieter Bong / Oct 2018 | - |
| Stefan Marsiske | X3DH and Double Ratchet | Add mechanisms for the X3DH and Double Ratchet mechanisms of the Signal protocol | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/62731/x3dh_draft_v0.3.doc | 16 April 2018 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3197 | Curr Mech WD05 | - | - |
| Stefan Marsiske | XEDDSA | Add mechanisms for XEDDSA based signatures as used in the Signal protocol | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/62739/xeddsa.docx | 16 April 2018 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3198 | Curr Mech WD05 | Darren Johnson, Daniel Minder / Aug 2018 | - |
| Stefan Marsiske | Blake2b | Add mechanisms for Blake2b hashes | https://www.oasis-open.org/apps/org/workgroup/pkcs11/download.php/62750/BLAKE2_draft.doc | 16 April 2018 | https://www.oasis-open.org/apps/org/workgroup/pkcs11/ballot.php?id=3199 | Curr Mech WD05 | - | - |