A new OASIS technical committee is being formed. The Security Algorithms and Methods (SAM) Technical Committee (TC) has been proposed by the members of OASIS listed in the charter below. The TC name, statement of purpose, scope, list of deliverables, audience, IPR mode and language specified in this proposal will constitute the TC’s official charter.

Submissions of technology for consideration by the TC, and the beginning of technical discussions, may occur no sooner than the TC’s first meeting.

The eligibility requirements for becoming a participant in the TC at the first meeting are:

(a) you must be an employee or designee of an OASIS member organization or an individual member of OASIS, and

(b) you must join the Technical Committee, which members may do by using the Roster “join group: link on the TC’s web page at [a].

To be considered a voting member at the first meeting:

(a) you must join the Technical Committee at least 7 days prior to the first meeting (on or before 16 June 2020; and

(b) you must attend the first meeting of the TC, at the time and date fixed below (23 June 2020).

Participants also may join the TC at a later time. OASIS and the TC welcomes all interested parties.

Non-OASIS members who wish to participate may contact us about joining OASIS [b]. In addition, the public may access the information resources maintained for each TC: a mail list archive, document repository and public comments facility, which will be linked from the TC’s public home page at [c].

Please feel free to forward this announcement to any other appropriate lists. OASIS is an open standards organization; we encourage your participation.

———-

[a] https://www.oasis-open.org/apps/org/workgroup/sam/

[b] See http://www.oasis-open.org/join/

[c] http://www.oasis-open.org/committees/sam/

———-


CALL FOR PARTICIPATION


OASIS Security Algorithms and Methods (SAM) Technical Committee Charter

The charter for this TC is as follows.

Section 1: TC Charter

(1)(a) TC Name

Security Algorithms and Methods (SAM) TC

(1)(b) Statement of Purpose

The SAM Technical Committee will develop a set of documents to aid in the interoperability of implementations implementing cryptographic capabilities in support of OASIS and other standards and specifications. The TC’s work products will allow for the earlier adoption of existing and emerging security algorithms and approaches and to provide other technical committees a path to adoption where those defining the algorithms, mechanisms and methods are themselves not focused on or interested in the formal standardisation process.

Business Benefits

Many organisations are unable to comply with a range of standards that deal with cryptographic algorithms or methods because there are a number of algorithms and methods that are not documented in a manner readily referenced by implementers. The SAM TC works to deliver the following business benefits:

– Enable referencing of existing and emerging algorithms and methods for utilisation in other standards work (including multiple OASIS TCs)

– Enable referencing of existing and emerging algorithms and methods, so that they can be used in an interoperable way

– Provide a faster path to the registration than existing methods such as NIST and the IETF

Note: SAM TC does not seek to replace the work of other standards bodies, merely to provide a fast path to referencing the information.

(1)(c) Scope

The primary goal of the SAM Technical Committee is to provide a standardised set of references of algorithms, mechanisms, and methods, including test-vectors, that can be used in other OASIS technical committees or where the standards are not yet defined by another recognised standards body.

Any analysis of the security properties of included cryptographic algorithms, methods, and objects contained in their specifications are out of scope.

(1)(d) Deliverables

The format of the SAM TC deliverables will be agreed upon by the SAM TC but will include sufficient documentation to:

– Capture target algorithms, mechanisms and methods in sufficient detail to enable implementers to use the work to reliably reproduce interoperable implementations;

– Test target algorithms, mechanisms and methods to ensure accurate implementations can be generated;

– Test target algorithms, mechanisms and methods to ensure implementations are interoperable; and

– Define references sufficiently, so that they can be used by OASIS and other standards in the production of other interoperable systems.

– Establish liaisons (as appropriate) with other organisations that perform similar work including those organisations noted in section 2a.

(1)(e) IPR Mode

The TC will operate under Non-Assertion mode.

(1)(f) Audience

SAM is intended for the following audiences:

Architects, designers, and implementers of providers and consumers of systems or services that need to utilise cryptographic algorithms, methods, or objects.

(1)(g) Language

Work group business and proceedings will be conducted in English.

(Optional References for Section 1)

N/A

Section 2: Additional Information

(2)(a) Identification of Similar Work

– National Institute of Standards and Technology (NIST) – https://csrc.nist.gov/Projects/Cryptographic-Standards-and-Guidelines

– Internet Engineering Task Force (IETF), Security Area (sec) – https://www.ietf.org/topics/areas/

– International Standards Organisation (ISO), JTC1, SC27 – https://www.iso.org/committee/45306.html

(2)(b) First TC Meeting

June 23, 2020, 5pm US-EDT – Conference Call

(2)(c) Ongoing Meeting Schedule

Cryptsoft will host online SAM TC meetings.

The Technical committee may organise face to face meetings as needed.

Meeting frequency will be determined by the committee members during quorate meetings.

Meeting times may be adjusted to suit the timezones of contributing committee members.

(2)(d) TC Proposers

– Tony Cox, tony.cox@cryptsoft.com, Cryptsoft

– Tim Hudson, tjh@cryptsoft.com, Cryptsoft

– Jason Thatcher, jason.thatcher@cryptsoft.com, Cryptsoft

– Tim Chevalier, Tim.Chevalier@netapp.com, NetApp

– Judy Furlong, Judith.Furlong@dell.com, Dell

(2)(e) Primary Representatives’ Support

– Tim Hudson, tjh@cryptsoft.com, as OASIS primary representative for Cryptsoft Pty Ltd, confirms our support for the proposed SAM TC charter and endorses our participants listed above.

– Judy Furlong, Judith.Furlong@dell.com as OASIS primary representative for Dell, confirms our support for the proposed SAM TC charter and endorses our participants listed above.

– David Dale, ddale@netapp.com, as OASIS primary representative for NetApp Inc., confirms our support for the proposed SAM TC charter and endorses our participants listed above.

(2)(f) TC Convener

Tony Cox, tony.cox@cryptsoft.com, Cryptsoft

(2)(g) OASIS Member Section

ID Trust (http://www.oasis-idtrust.org/)

(2)(h) Anticipated Contributions

N/A

(2)(i) FAQ Document

N/A

(2)(j) Work Product Titles and Acronyms

N/A

The three new OData OASIS Standards, announced in https://lists.oasis-open.org/archives/members/202005/msg00003.html, are now published. They can be found at:

OData JSON Format Version 4.01

https://docs.oasis-open.org/odata/odata-json-format/v4.01/os/odata-json-format-v4.01-os.docx

https://docs.oasis-open.org/odata/odata-json-format/v4.01/os/odata-json-format-v4.01-os.html

https://docs.oasis-open.org/odata/odata-json-format/v4.01/os/odata-json-format-v4.01-os.pdf

Standards page entry: https://www.oasis-open.org/standards/#odata-json-v4.01

****

OData Common Schema Definition Language (CSDL) JSON Representation Version 4.01

https://docs.oasis-open.org/odata/odata-csdl-json/v4.01/os/odata-csdl-json-v4.01-os.docx

https://docs.oasis-open.org/odata/odata-csdl-json/v4.01/os/odata-csdl-json-v4.01-os.html

https://docs.oasis-open.org/odata/odata-csdl-json/v4.01/os/odata-csdl-json-v4.01-os.pdf

JSON schemas: https://docs.oasis-open.org/odata/odata-csdl-json/v4.01/os/schemas/

Standards page entry: https://www.oasis-open.org/standards/#odata-csdl-json-v4.01

****

OData Common Schema Definition Language (CSDL) XML Representation Version 4.01

https://docs.oasis-open.org/odata/odata-csdl-xml/v4.01/os/odata-csdl-xml-v4.01-os.docx

https://docs.oasis-open.org/odata/odata-csdl-xml/v4.01/os/odata-csdl-xml-v4.01-os.html

https://docs.oasis-open.org/odata/odata-csdl-xml/v4.01/os/odata-csdl-xml-v4.01-os.pdf

XML schemas: https://docs.oasis-open.org/odata/odata-csdl-xml/v4.01/os/schemas/

Standards page entry: https://www.oasis-open.org/standards/#odata-csdl-xml-v4.01

OASIS is pleased to announce the publication of “Key Management Interoperability Protocol Test Cases Version 2.1” and “Key Management Interoperability Protocol Usage Guide Version 2.1,” Committee Notes from the members of the OASIS Key Management Interoperability Protocol (KMIP) TC [1].

The Key Management Interoperability Protocol (KMIP) is a single, comprehensive protocol for communication between clients that request any of a wide range of encryption keys and servers that store and manage those keys. By replacing redundant, incompatible key management protocols, KMIP provides better data security while at the same time reducing expenditures on multiple products.

These Committee Notes are intended for developers and architects who wish to design systems and applications that interoperate using KMIP.

The Committee Notes are available here:

Key Management Interoperability Protocol Test Cases Version 2.1
Committee Note 01
07 May 2020

Editable source (Authoritative):
https://docs.oasis-open.org/kmip/kmip-testcases/v2.1/cn01/kmip-testcases-v2.1-cn01.docx
HTML:
https://docs.oasis-open.org/kmip/kmip-testcases/v2.1/cn01/kmip-testcases-v2.1-cn01.html
PDF:
https://docs.oasis-open.org/kmip/kmip-testcases/v2.1/cn01/kmip-testcases-v2.1-cn01.pdf
XML Test cases:
https://docs.oasis-open.org/kmip/kmip-testcases/v2.1/cn01/test-cases/kmip-v2.1/

Key Management Interoperability Protocol Usage Guide Version 2.1
Committee Note 01
07 May 2020

Editable source (Authoritative):
https://docs.oasis-open.org/kmip/kmip-ug/v2.1/cn01/kmip-ug-v2.1-cn01.docx
HTML:
https://docs.oasis-open.org/kmip/kmip-ug/v2.1/cn01/kmip-ug-v2.1-cn01.html
PDF:
https://docs.oasis-open.org/kmip/kmip-ug/v2.1/cn01/kmip-ug-v2.1-cn01.pdf

For your convenience, OASIS provides a complete ZIP package of each Committee Note that you can download here:

KMIP Test Cases v2.1 zip file:
https://docs.oasis-open.org/kmip/kmip-testcases/v2.1/cn01/kmip-testcases-v2.1-cn01.zip

KMIP Usage Guide v2.1 zip file:
https://docs.oasis-open.org/kmip/kmip-ug/v2.1/cn01/kmip-ug-v2.1-cn01.zip

Members of the KMIP TC approved these Committee Notes by a Full Majority vote on 07 May 2020 as documented in the TC minutes [2].

Our congratulations to all the members of the TC.

Additional references:

[1] OASIS Key Management Interoperability Protocol (KMIP) TC
https://www.oasis-open.org/committees/kmip/

[2] Approval
https://wiki.oasis-open.org/kmip/MeetingMinutes/07May2020

OASIS is pleased to announce that KMIP Specification v2.1 and KMIP Profiles v2.1 from the OASIS Key Management Interoperability Protocol (KMIP) TC [1] have been approved as OASIS Committee Specifications.

What is KMIP and why is it important?

The Key Management Interoperability Protocol (KMIP) is a single, comprehensive protocol for communication between clients that request any of a wide range of encryption keys and servers that store and manage those keys. By replacing redundant, incompatible key management protocols, KMIP provides better data security while at the same time reducing expenditures on multiple products.

The KMIP Specification v2.1 is intended for developers and architects who wish to design systems and applications that interoperate using the Key Management Interoperability Protocol Specification.

KMIP Profiles v2.1 specifies conformance clauses that define the use of objects, attributes, operations, message elements and authentication methods within specific contexts of KMIP server and client interaction.

These Committee Specifications are OASIS deliverables, completed and approved by the TC and fully ready for testing and implementation.

The documents and related files are available here:

Key Management Interoperability Protocol Specification Version 2.1
Committee Specification 01
07 May 2020

Editable source (Authoritative):
https://docs.oasis-open.org/kmip/kmip-spec/v2.1/cs01/kmip-spec-v2.1-cs01.docx
HTML:
https://docs.oasis-open.org/kmip/kmip-spec/v2.1/cs01/kmip-spec-v2.1-cs01.html
PDF:
https://docs.oasis-open.org/kmip/kmip-spec/v2.1/cs01/kmip-spec-v2.1-cs01.pdf
For your convenience, OASIS provides a complete package of the prose document and related files in a ZIP distribution file. You can download the ZIP file here:
https://docs.oasis-open.org/kmip/kmip-spec/v2.1/cs01/kmip-spec-v2.1-cs01.zip

Key Management Interoperability Protocol Profiles Version 2.1
Committee Specification 01
07 May 2020

Editable source (Authoritative):
https://docs.oasis-open.org/kmip/kmip-profiles/v2.1/cs01/kmip-profiles-v2.1-cs01.docx
HTML:
https://docs.oasis-open.org/kmip/kmip-profiles/v2.1/cs01/kmip-profiles-v2.1-cs01.html
PDF:
https://docs.oasis-open.org/kmip/kmip-profiles/v2.1/cs01/kmip-profiles-v2.1-cs01.pdf
Test cases:
https://docs.oasis-open.org/kmip/kmip-profiles/v2.1/cs01/test-cases/
ZIP file:
https://docs.oasis-open.org/kmip/kmip-profiles/v2.1/cs01/kmip-profiles-v2.1-cs01.zip

Members of the KMIP TC [1] approved these specifications by Special Majority Vote. The specifications had been released for public review as required by the TC Process [2]. The vote to approve as Committee Specifications passed [3], and the documents are now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

========== Additional references:
[1] OASIS Key Management Interoperability Protocol (KMIP) TC
https://www.oasis-open.org/committees/kmip/

[2] Public review:
* 30-day public review, 12 February 2020:
https://lists.oasis-open.org/archives/kmip/202002/msg00005.html
– Comment resolution logs:
KMIP Specification: https://docs.oasis-open.org/kmip/kmip-spec/v2.1/csprd01/kmip-spec-v2.1-csprd01-comment-resolution-log.txt
KMIP Profiles: https://docs.oasis-open.org/kmip/kmip-profiles/v2.1/csprd01/kmip-profiles-v2.1-csprd01-comment-resolution-log.txt

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3502

OASIS is pleased to announce that the call for consent has closed [1] and, effective 11 May 2020, OData JSON Format, OData Common Schema Definition Language (CSDL) JSON Representation, and OData Common Schema Definition Language (CSDL) XML Representation, all version 4.01, are OASIS Standards. TC Administration will now undertake the final tasks of preparing and loading the standards.

The ballot was held under the OASIS call for consent procedure [2]. In the ballot, the Candidate OASIS Standards each received 13 affirmative consents and no objections.

Our congratulations to the members of the TC and to the community of implementers, developers and users who have brought the work successfully to this milestone

=== Additional information

[1] Ballot:
https://www.oasis-open.org/committees/ballot.php?id=3497

[2] https://www.oasis-open.org/policies-guidelines/tc-process-2017-05-26#OScallForConsent

OASIS and the OASIS Advanced Message Queuing Protocol (AMQP) TC are pleased to announce that Message Annotations for Response Routing Version 1.0 is now available for public review and comment.

Large scale messaging networks may consist of multiple distinct sub-networks where addresses visible at one point in the network are not visible at other points. Where messages are transferred across network boundaries, addresses contained within the message (such as those in the reply-to field) may no longer be valid. This document defines mechanisms to allow messages which transit such boundaries to be annotated with sufficient information to allow responses to be directed back to the intended recipient.

The documents and related files are available here:

Message Annotations for Response Routing Version 1.0
Committee Specification Draft 01 / Public Review Draft 01
24 April 2020

Editable source (Authoritative):
https://docs.oasis-open.org/amqp/respann/v1.0/csprd01/respann-v1.0-csprd01.docx

HTML:
https://docs.oasis-open.org/amqp/respann/v1.0/csprd01/respann-v1.0-csprd01.html

PDF:
https://docs.oasis-open.org/amqp/respann/v1.0/csprd01/respann-v1.0-csprd01.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/amqp/respann/v1.0/csprd01/respann-v1.0-csprd01.zip

How to Provide Feedback

OASIS and the AMQP TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

The public review starts 08 May 2020 at 00:00 UTC and ends 06 June 2020 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility, which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=amqp).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/amqp-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the AMQP TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/amqp/

========== Additional references:

[1] https://www.oasis-open.org/policies-guidelines/ipr

[2] https://www.oasis-open.org/committees/amqp/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr#RF-on-RAND-Mode
RF on RAND Mode