Clarify if keyring trace entries are a hard requirement on Materials structures #70
Assignees
Milestone
Comments
|
Data for us to consider on this note: This is true of the default CMM in Java and Python when it is used with master key providers. Because master key providers do not emit keyring trace entries, there is no keyring trace for the default CMM to provide in this case. |
|
On a more philosophical note, the way I have always thought of the keyring trace is that it is a record of what actions keyrings have performed. If you have a CMM that does not do anything with keyrings, then by this definition your keyring trace MUST be empty. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The specification is very clear that if Keyrings perform operations such as the "generate data key" behaviour, they must also append the appropriate trace entries. Is it permissible for a CMM to exist that does not use Keyrings and that produces materials with data key values populated but no keyring trace entries?
The text was updated successfully, but these errors were encountered: