View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0004799 | 10000-006: Mappings | Spec | public | 2019-06-26 14:02 | 2020-03-31 16:57 |
| Reporter | David Levine | Assigned To | Randy Armstrong | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | ||
| Summary | 0004799: timestamp field in RequestHeader says it is only used for diagnostics but it is also used for security | ||||
| Description | Part 4, Table 170, timestamp, states: "The time the Client sent the request. The parameter is only used for diagnostic and logging purposes in the server" This is contradicted by other parts of the spec. Part 4, Table 177, shows errorCode Bad_InvalidTimestamp and states: "The timestamp is outside the range allowed by the Server." Part 6, section 6.3 Time synchronization states: "All SecurityProtocols require that system clocks on communicating machines be reasonably synchronized in order to check the expiry times for Certificates or Messages. The amount of clock skew that can be tolerated depends on the system security requirements and applications shall allow administrators to configure the acceptable clock skew when verifying times. A suitable default value is 5 minutes." Recommend changing the description of Part 4, Table 170, timestamp, to: "The time the Client sent the request. The parameter is used for security purposes and can be used for diagnostic and logging purposes in the server. Reference Part 6, section 6.3" | ||||
| Tags | No tags attached. | ||||
| Commit Version | |||||
| Fix Due Date | |||||
| related to | 0005350 | closed | Paul Hunkar | 10000-002: Security | timestamp field in RequestHeader says it is only used for diagnostics but it is also used for security |

Remove "The amount of clock skew that can be tolerated depends on the system security requirements and applications shall allow administrators to configure the acceptable clock skew when verifying times. A suitable default value is 5 minutes." from Part 6. Review text in Part 2 to match Part 6 relative to Time sync and security.

Removed text suggesting a security use.

Agreed to changes in telecon.

| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2019-06-26 14:02 | David Levine | New Issue | |
| 2019-08-06 16:51 | Jim Luth | Assigned To | => Matthias Damm |
| 2019-08-06 16:51 | Jim Luth | Status | new => assigned |
| 2019-12-11 23:56 | Jim Luth | Project | 10000-004: Services => 10000-006: Mappings |
| 2019-12-11 23:57 | Jim Luth | Assigned To | Matthias Damm => Randy Armstrong |
| 2019-12-11 23:59 | Jim Luth | Note Added: 0011339 | |
| 2019-12-11 23:59 | Jim Luth | Issue cloned: 0005350 | |
| 2019-12-11 23:59 | Jim Luth | Relationship added | related to 0005350 |
| 2020-03-23 17:44 | Randy Armstrong | Status | assigned => resolved |
| 2020-03-23 17:44 | Randy Armstrong | Resolution | open => fixed |
| 2020-03-23 17:44 | Randy Armstrong | Note Added: 0011821 | |
| 2020-03-31 16:57 | Jim Luth | Status | resolved => closed |
| 2020-03-31 16:57 | Jim Luth | Fixed in Version | => 1.05 |
| 2020-03-31 16:57 | Jim Luth | Note Added: 0011854 | |