21   Table 6 to be revised

Created: 16 May 2022

Status: Discussion (red)

Part: Part 6 (2020, Edition 1)

Links:

Page: 28

Clause: 11.2.1

Paragraph: Table 6

Issue

Only A-profile is indicated as mandatory.
Client is m and server is o.
E2E and General tables should be integrated to table 6

Proposal

Merge the 3 tables.
Indicate conditional use of E2E or ACSE authentication (One of the two profile shall be supported)

Discussion Created Status
I'm not sure that the table provides the needed clarity. As we have in figure 1 the distinction of the different approach, it may be easier to map the table to the figure, e.g.:
- S1a: IEC 62531-4 ACSE Authentication (I'm not sure how we can refer to this. I don't think we have S1a alone as it does not provide sufficient security. According to Figure 1 we don't have the combination. If we have it, it would relate to "limited-secure" with the enhancement in Figure 1 to ACSE with authentication.
- S1b: IEC 62531-4 ACSE Authentication over IEC 62351-3 TLS (case compatibility)
- S1c: IEC 62531-3 TLS-only + application evaluation of TLS certificates (case TLS-only)
- S1d: Use of IEC 62531-3 TLS mandatory cipher suites (case TLS-only or End-to-end security)

Regarding the AtLeast Statement, it somehow reads that either S1B or S1d needs to be supported, but isn't it rather S1b and S1c, while S1d is always used when TLS is used (S1b and S1c)? 		30 Jun 23 Discussion (red)
Agreed. Revised table attached. 02 May 23 Accepted

 

Privacy | Contact | Disclaimer

Tissue DB v. 23.12.13.1