0002260: 5.5.2.1 OpenSecureChannel Description: last 2 paragraphs require revision

ID	Project	Category	View Status	Date Submitted	Last Update

0002260	10000-004: Services		public	2012-11-08 21:21	2013-11-25 18:48

Reporter	~~Nathan Pocock~~	Assigned To	Matthias Damm
Priority	normal	Severity	minor	Reproducibility	always
Status	closed	Resolution	fixed
Fixed in Version	1.03

Summary	0002260: 5.5.2.1 OpenSecureChannel Description: last 2 paragraphs require revision
Description	CMPWG Nov-8-2012: The last two paragraphs of OpenSecureChannel description are: "The OpenSecureChannel request and response Messages shall be signed with the sender's Certificate. These Messages shall always be encrypted. If the transport layer does not provide encryption, then these Messages shall be encrypted with the receiver's Certificate. The Certificates used in the OpenSecureChannel service shall be the application instance Certificates. Clients and Servers shall verify that the same Certificates were used in the CreateSession and ActivateSession services." The first paragraph is plainly wrong. In addition, two interpretations directly within the CMPWG on the word "transport" caused confusion; is this the ACTUAL on-the-wire transport, or the UA protocol (Bin/Http etc.)? The second paragraph is actually OK, but additional commentary is needed to put context on the security policy. On a larger scale... the UA Spec parts 3, 4, 6, and perhaps 7 should be overhauled to ensure that all areas that cover certificate-exchange are revised per the new behavior.
Tags	No tags attached.

Commit Version
Fix Due Date

Paul Hunkar 2012-11-27 17:35 developer ~0004305	Discussed in WG 11/27/2012 - will add additional Mantis issues for other parts that need to be addressed.

Matthias Damm 2013-08-20 14:34 developer ~0004931	Added exceptions for securityPolicyUri None to the two paragraphs in OpenSecureChannel. Resolved in document IEC 62541-4 - Services [Pre-CDV] 1.02.02.doc

Jim Luth 2013-11-25 18:48 administrator ~0005149	Agreed to changes in telecon.

Date Modified	Username	Field	Change
2012-11-08 21:21	~~Nathan Pocock~~	New Issue
2012-11-08 21:29	~~Nathan Pocock~~	Description Updated
2012-11-08 21:30	~~Nathan Pocock~~	Project	Releases => 10000-004: Services
2012-11-27 17:35	Paul Hunkar	Note Added: 0004305
2012-11-27 17:36	Paul Hunkar	Status	new => assigned
2012-11-27 17:36	Paul Hunkar	Assigned To	=> Matthias Damm
2013-08-20 14:34	Matthias Damm	Status	assigned => resolved
2013-08-20 14:34	Matthias Damm	Resolution	open => fixed
2013-08-20 14:34	Matthias Damm	Note Added: 0004931
2013-11-25 18:48	Jim Luth	Status	resolved => closed
2013-11-25 18:48	Jim Luth	Note Added: 0005149
2013-11-25 18:48	Jim Luth	Fixed in Version	=> 1.03