View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0007700 | Part 83: UAFX Offline Engineering | Spec | public | 2022-02-07 16:11 | 2022-03-31 12:08 |
| Reporter | Paul Hunkar | Assigned To | Emanuel Kolb | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | ||
| Product Version | 1.00.00 RC2 | ||||
| Fixed in Version | 1.00.00 RC2 | ||||
| Summary | 0007700: Security description on section 9.2.4 | ||||
| Description | While working on profiles for Part 83, we realized that Part 83 needs to have more explicit statement related to security (signing of document). There are no shall or even shoulds in this section. The entire section is more general statements. The section should make a reference to Part 4 for the validation steps for a certificate (table 106 in part 4 if you want to check them) . I would expand a little on the validation check (host name and URI don't apply as stated to a descriptor, but maybe part 83 should define something (the company that owns the descriptor? or some other setting). The Conformance Unit for this probably needs to split one for the certificate validation and one describing the use of the certificate for signing it (which I believe is from the open packaging convention document). In general the reference section 9.2.4 needs some help (looking at the document some of the items might be described in other sections, but then they should be linked. | ||||
| Tags | Security | ||||
|
|
There needs to be a meeting with Martin and Paul on whether or not we need new conformance units or if we can use the existing ones. Topics to be discussed are signing, signature validation (to be a new issue), and certification validation. |
|
|
We have included chapter 7.7.1 Certificate validation that follow the steps of Part 4 but adapted for use in Part 83. We think that host name and URI validation steps are not needed and are not applicable in the use case. Conformance units will be handled in Mantis 7744. |
|
|
We resolved this per our last comments, including chapter 7.71, et al. |
|
|
everything is done |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2022-02-07 16:11 | Paul Hunkar | New Issue | |
| 2022-02-11 14:48 | Todd Snide | Assigned To | => Emanuel Kolb |
| 2022-02-11 14:48 | Todd Snide | Status | new => assigned |
| 2022-02-11 14:51 | Todd Snide | Note Added: 0015983 | |
| 2022-03-04 09:04 | Emanuel Kolb | Tag Attached: Security | |
| 2022-03-17 13:35 | Todd Snide | Note Added: 0016397 | |
| 2022-03-17 13:36 | Todd Snide | Status | assigned => resolved |
| 2022-03-17 13:36 | Todd Snide | Resolution | open => fixed |
| 2022-03-17 13:36 | Todd Snide | Fixed in Version | => 1.00.00 RC2 |
| 2022-03-17 13:36 | Todd Snide | Note Added: 0016398 | |
| 2022-03-31 12:08 | Emanuel Kolb | Status | resolved => closed |
| 2022-03-31 12:08 | Emanuel Kolb | Note Added: 0016508 |
