View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
000183210000-007: Profilespublic2012-01-11 19:352012-11-21 15:38
ReporterJim Luth Assigned ToPaul Hunkar  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Fixed in Version1.02 
Summary0001832: Problem with key length larger 2048 bits
Description

The OPC UA secure conversation message footer defines a 8 bit field for the number of padding bytes. This is enough for up to 255 padding bytes. If the plain text block size requires more than that, protocol errors occur. This limit the key length to 2048 bit.

Additional Information

Existing profiles must be updated to restrict the maximum key length to less that or equal to 2048.

TagsNo tags attached.
Commit Version
Fix Due Date

Relationships

related to 0001766 closedRandy Armstrong 10000-006: Mappings Problem with key length larger 2048 bits 
related to 0001908 closedRandy Armstrong 10000-006: Mappings Add MaxAsymmetricKeyLength to Table 22 

Activities

Paul Hunkar

2012-03-13 16:48

developer   ~0003373

Added 2048 as needed

Jim Luth

2012-03-13 17:23

administrator   ~0003379

Reviewed and agreed to changes in telecon.

Jim Luth

2012-05-08 19:46

administrator   ~0003651

Needs to be reopened and text added that a minimum is also required and related to 1908 (part 6 issue)

Paul Hunkar

2012-08-21 04:18

developer   ~0004011

Added text to existing facet to indicate maxAsymmetricKeyLength is 2048 and also created new security policy that allow for MaxAsymmetricKeyLength > 2048.

These would only be available on new server/clients

Jim Luth

2012-08-21 16:24

administrator   ~0004020

Last edited: 2012-08-21 16:30

Added Conformance Units "Security Basic 128LongRsa15" and "Security Basic 256Long" and Security Facets "Security Policy - 128LongRsa15" and "Security Policy - 256Long"

Changes added to Part 7 1.02.08

Jim Luth

2012-08-21 16:40

administrator   ~0004021

Agreed in telecon the MaxAsyncKeyLength needs to be betwee 2048 and some MAX, but we currently don't define the MAX. Paul will find the correct MAX and add it to the description.

Paul Hunkar

2012-08-22 18:46

developer   ~0004030

Based on other security related feedback, not sure if we should even add these security policies - Not sure if anything > 2048 even applies with the selected set of algorithms.

Paul Hunkar

2012-11-20 19:00

developer   ~0004264

Fix in doc 1.02.11

Jim Luth

2012-11-21 15:38

administrator   ~0004269

Reviewed and agreed to changes in telecon.

Issue History

Date Modified Username Field Change
2012-01-11 19:35 Jim Luth New Issue
2012-01-11 19:35 Jim Luth Status new => assigned
2012-01-11 19:35 Jim Luth Assigned To => Paul Hunkar
2012-01-11 19:35 Jim Luth Issue generated from: 0001766
2012-01-11 19:35 Jim Luth Relationship added related to 0001766
2012-01-11 19:35 Jim Luth Project 10000-006: Mappings => 10000-007: Profiles
2012-03-13 16:48 Paul Hunkar Status assigned => resolved
2012-03-13 16:48 Paul Hunkar Resolution open => fixed
2012-03-13 16:48 Paul Hunkar Note Added: 0003373
2012-03-13 17:23 Jim Luth Status resolved => closed
2012-03-13 17:23 Jim Luth Note Added: 0003379
2012-03-13 17:23 Jim Luth Fixed in Version => 1.02
2012-05-08 19:46 Jim Luth Status closed => feedback
2012-05-08 19:46 Jim Luth Resolution fixed => reopened
2012-05-08 19:46 Jim Luth Note Added: 0003651
2012-05-08 19:46 Jim Luth Status feedback => assigned
2012-05-08 19:47 Jim Luth Relationship added related to 0001908
2012-08-21 04:18 Paul Hunkar Status assigned => resolved
2012-08-21 04:18 Paul Hunkar Resolution reopened => fixed
2012-08-21 04:18 Paul Hunkar Note Added: 0004011
2012-08-21 16:24 Jim Luth Note Added: 0004020
2012-08-21 16:30 Jim Luth Note Edited: 0004020
2012-08-21 16:40 Jim Luth Status resolved => feedback
2012-08-21 16:40 Jim Luth Resolution fixed => reopened
2012-08-21 16:40 Jim Luth Note Added: 0004021
2012-08-21 16:40 Jim Luth Status feedback => assigned
2012-08-22 18:46 Paul Hunkar Note Added: 0004030
2012-11-20 19:00 Paul Hunkar Status assigned => resolved
2012-11-20 19:00 Paul Hunkar Resolution reopened => fixed
2012-11-20 19:00 Paul Hunkar Note Added: 0004264
2012-11-21 15:38 Jim Luth Status resolved => closed
2012-11-21 15:38 Jim Luth Note Added: 0004269