View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
000426610000-007: ProfilesSpecpublic2018-04-30 14:162022-11-17 06:59
ReporterWolfgang Mahnke Assigned ToKarl Deiretsbacher  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Summary0004266: Clarification on Security
Description

In version 1.0 we restricted full featured profiles not supporting security to "appropriate only for small devices with limited resources, including the inability to include a security infrastructure."
Now we have two out of the four full-featured profiles (ignoring the GDS profiles) not requiring security and only stating "intended for chip level devices with limited resources". This allows, from my understanding, that every OPC UA application can claim to support those profiles, even if they run for example on a PC, and become certified OPC UA products without supporting any security.
I think we should change the profiles to either stating that they can only be used when no security can be supported or select a security profile for them and change the wording that those are not required when security cannot be supported.
Otherwise, the claim to have security built-in OPC UA is rather weak.

TagsNo tags attached.
Commit Version
Fix Due Date

Activities

Paul Hunkar

2018-07-22 02:22

developer   ~0009229

Once the ECC security algorithms are released we should be able to require more device to have to security - so that only a device that does NOT have the entropy needed for security would be allowed to omit security

Jim Luth

2022-11-15 17:40

administrator   ~0018154

This may be complete with the ECC profiles. Confirm this to close.

Wolfgang Mahnke

2022-11-17 06:59

developer   ~0018158

I confirm that this issue is fixed with the new profiles (and closed the issue already - hope that is OK).

Issue History

Date Modified Username Field Change
2018-04-30 14:16 Wolfgang Mahnke New Issue
2018-07-22 02:22 Paul Hunkar Note Added: 0009229
2018-09-19 12:46 Jim Luth Status new => acknowledged
2022-11-15 17:40 Jim Luth Note Added: 0018154
2022-11-15 17:40 Jim Luth Assigned To => Karl Deiretsbacher
2022-11-15 17:40 Jim Luth Status acknowledged => assigned
2022-11-17 06:59 Wolfgang Mahnke Status assigned => closed
2022-11-17 06:59 Wolfgang Mahnke Resolution open => fixed
2022-11-17 06:59 Wolfgang Mahnke Note Added: 0018158