View Issue Details

ID: 0009638
Project: 10000-006: Mappings
Category: Spec
View Status: public
Last Update: 2024-07-10 02:21
Reporter: Paul Hunkar
Assigned To: Randy Armstrong
Priority: normal
Severity: feature
Reproducibility: always
Status: resolved
Resolution: fixed
Product Version: 1.04
Target Version: ?.??
Summary: 0009638: Errata required for 1.04 to allow ECC algorithms
Description

The 1.05 ECC profiles include the following required ConformanceUnit

Security LegacySequenceNumber False

But this option is not described or available in 1.04; the proposal is to add an errata for 1.04 that would replace the following text in Part 6 (section 6.7.2.4):
"A SequenceNumber may not be reused for any TokenId. The SecurityToken lifetime should be short enough to ensure that this never happens; however, if it does the receiver should treat it as a transport error and force a reconnect.

The SequenceNumber shall also monotonically increase for all Messages and shall not wrap around until it is greater than 4 294 966 271 (UInt32.MaxValue – 1 024). The first number after the wrap around shall be less than 1 024. Note that this requirement means that a SequenceNumber does not reset when a new TokenId is issued. The SequenceNumber shall be incremented by exactly one for each MessageChunk sent unless the communication channel was interrupted and re-established. Gaps are permitted between the SequenceNumber for the last MessageChunk received before the interruption and the SequenceNumber for first MessageChunk received after communication was re-established. Note that the first MessageChunk after a network interruption is always an OpenSecureChannel request or response. If gaps occur in any other case the receiver shall close the SecureChannel."

with the following from the same section in 1.05

"A SequenceNumber may not be reused for any TokenId. The SecurityToken lifetime shall be short enough to ensure that this never happens; however, if it does the receiver shall treat it as a transport error and force a reconnect. The SequenceNumber does not reset when a new TokenId is issued and it shall be incremented by exactly one for each MessageChunk sent.

SecurityPolicies with LegacySequenceNumbers set to TRUE, the SequenceNumber shall monotonically increase for all Messages and shall not wrap around until it is greater than 4 294 966 271 (UInt32.MaxValue – 1 024). The first number after the wrap around shall be less than 1 024.

SecurityPolicies with LegacySequenceNumbers set to FALSE, the SequenceNumber shall start at 0 and monotonically increase for all Messages and shall not wrap around until it is equal to 4 294 967 295 (UInt32.MaxValue). The first number after the wrap around shall be 0."

Additional Information

Once this errata is completed, the ECC profiles that are currently marked as draft can be pushed to released, since they do match in all other manners.

Tags: No tags attached.
Commit Version
Fix Due Date

Relationships

related to 0009452 assigned Paul Hunkar 10000-007: Profiles LegacySequenceNumbers for all ECC profiles have changed in ProfileReporting
related to 0008956 assigned Paul Hunkar 10000-007: Profiles SymmetricSignatureAlgorithm_Poly1305 is a non-standard algorithm
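
The two wrap-around rules in the 1.05 text quoted in the description, written as a receiver-side check. This is an added example, not part of the issue or of the OPC UA specification; the function names are hypothetical, the sample sequence is constructed, and accepting any first value when LegacySequenceNumbers is TRUE is an assumption, because the quoted text gives no start value for that case.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define LEGACY_WRAP_AFTER 4294966271u /* UInt32.MaxValue - 1 024 */
#define LEGACY_WRAP_BELOW 1024u

/* First SequenceNumber on a channel. FALSE: shall start at 0. TRUE: the quoted
 * text fixes no start value, so any value is accepted (assumption). */
bool seq_first_ok(bool legacy, uint32_t received)
{
    return legacy || received == 0;
}

/* Is `received` an allowed successor of `last`? */
bool seq_next_ok(bool legacy, uint32_t last, uint32_t received)
{
    if (!legacy)  /* exactly +1; unsigned arithmetic wraps UInt32.MaxValue to 0 */
        return received == (uint32_t)(last + 1u);
    if (last != UINT32_MAX && received == last + 1u)
        return true;  /* normal increment */
    /* wrap allowed only once last > UInt32.MaxValue - 1 024, to a value < 1 024 */
    return last > LEGACY_WRAP_AFTER && received < LEGACY_WRAP_BELOW;
}

/* Index of the first rejected value in seq, or -1 if every value is accepted. */
int first_rejected(bool legacy, const uint32_t *seq, int n)
{
    for (int i = 0; i < n; i++) {
        bool ok = (i == 0) ? seq_first_ok(legacy, seq[0])
                           : seq_next_ok(legacy, seq[i - 1], seq[i]);
        if (!ok)
            return i;
    }
    return -1;
}

/* Constructed sample: a sender that wraps early, as legacy mode permits. */
static const uint32_t early_wrap[] = { 4294966271u, 4294966272u, 5u, 6u };

int main(void)
{
    printf("legacy=TRUE : first rejected index %d\n", first_rejected(true, early_wrap, 4));
    printf("legacy=FALSE: 4294966272 -> 5 accepted? %d\n",
           seq_next_ok(false, 4294966272u, 5u));
    return 0;
}
```

A peer that applies the legacy rule against an ECC SecurityPolicy would tolerate an early wrap that the FALSE rule rejects, which is the mismatch the errata removes for 1.04.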

Activities

Randy Armstrong

2024-07-10 02:21

administrator   ~0021437

Added errata.

Issue History

Date Modified Username Field Change
2024-07-04 06:12 Paul Hunkar New Issue
2024-07-09 15:15 Jim Luth Assigned To => Randy Armstrong
2024-07-09 15:15 Jim Luth Status new => assigned
2024-07-09 15:16 Jim Luth Relationship added related to 0009452
2024-07-09 15:28 Jim Luth Relationship added related to 0008956
2024-07-10 02:21 Randy Armstrong Status assigned => resolved
2024-07-10 02:21 Randy Armstrong Resolution open => fixed
2024-07-10 02:21 Randy Armstrong Note Added: 0021437