From 178e72d2c80ff057f56445c83b7d8b98ba665e66 Mon Sep 17 00:00:00 2001 From: Martin Ward Date: Wed, 26 Nov 2025 11:14:57 +0000 Subject: [PATCH 1/6] Synchronous, ProblemDetails, editorial --- README.md | 2 +- interop-kms.yaml | 664 ----------------------------------- interop-kms_ExtraMarkup.yaml | 448 ++++++++++++++++++----- 3 files changed, 355 insertions(+), 759 deletions(-) delete mode 100644 interop-kms.yaml diff --git a/README.md b/README.md index 6f5c2f0..7d115e6 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ Note: The default branch in this repository has been renamed `main` as per QKD(2 ## Visualise View API in -[Swagger Editor](https://forge.etsi.org/swagger/editor-versions/v3.8.0/?url=https://forge.etsi.org/rep/qkd/gs020-interop-kms/-/raw/main/interop-kms.yaml). +[Swagger Editor](https://forge.etsi.org/swagger/editor-versions/v3.8.0/?url=https://forge.etsi.org/rep/qkd/gs020-interop-kms/-/raw/wrk_qkd39/interop-kms_ExtraMarkup.yaml). ## Contact diff --git a/interop-kms.yaml b/interop-kms.yaml deleted file mode 100644 index 096bd64..0000000 --- a/interop-kms.yaml +++ /dev/null @@ -1,664 +0,0 @@ -# Copyright 2025 ETSI -# Licensed under the BSD-3 Clause (https://forge.etsi.org/legal-matters) -openapi: 3.0.3 -info: - title: Draft ETSI GS QKD 020 - Interoperable Key Management System API - description: | - OpenAPI description of the Interoperable Key Management System API being - developed by ETSI ISG QKD under work item DGS/QKD-020_InteropKMS. - - The interface is intended for use within a trusted node and enables the - transfer of keys between key management systems. - contact: - name: ETSI ISG QKD - email: isgsupport@etsi.org - version: Draft 0.5.1 - license: - name: BSD 3-Clause - url: https://forge.etsi.org/legal-matters - x-logo: - url: 'https://www.etsi.org/templates/etsi/img/logo.svg' - altText: ETSI logo -servers: - - url: https://{kme_hostname} - description: Local KME server - variables: - kme_hostname: - default: 127.0.0.1:443 -externalDocs: - description: Work Item description - url: https://portal.etsi.org/webapp/WorkProgram/Report_WorkItem.asp?WKI_ID=63115 -tags: - - name: versions - description: Information about supported API versions - - - name: ext-keys - description: Pass keys to another KME (external keys) - -paths: - /kmapi/versions: - get: - summary: Get supported API versions - operationId: get-versions - tags: - - versions - description: | - Return list of supported ETSI GS QKD 020 API versions. - - When an SAE makes a request to a KME, it should use the most recent - version of the API that the KME and SAE support. - - The SAE can use this end-point to determine which API versions the KME - supports. - responses: - '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/version_container' - '401': - $ref: '#/components/responses/401-extkey' - '503': - $ref: '#/components/responses/503-extkey' - - /kmapi/v1/ext_keys: - post: - summary: Transfer keys to external KMS - operationId: post-ext_keys - tags: - - ext-keys - description: | - Pass an `ext_key_container` - extended key request container comprising key material and - associated data to another KME, for the key(s) to be delivered (by relay - where necessary) to the target SAE(s) specified. The extended key - request container contains keys matching those to be delivered to the - initiator SAE. - - Upon a valid request, the KME should aim to respond without undue delay with - a `202` ('Accepted'), - then it will issue a separate call (or multiple calls) to the specified - `ack_callback_url` - endpoint once the keys are actually delivered (or fail to be delivered). - - A `400` error will be returned - if the container format is invalid or includes initiator/target SAE IDs - for which a valid route is not known to the KME. - requestBody: - description: | - `ext_key_container` extended key request container. - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/ext_key_container' - responses: - '202': - $ref: '#/components/responses/202-extkey' - '400': - $ref: '#/components/responses/400-extkey' - '401': - $ref: '#/components/responses/401-extkey' - '408': - $ref: '#/components/responses/408-extkey' - '503': - $ref: '#/components/responses/503-extkey' - - /kmapi/v1/ext_keys/void: - post: - summary: Signal keys as void to external KMS (i.e. discard keys) - operationId: post-ext_keys-void - tags: - - ext-keys - description: | - Pass an `ext_key_container` - extended key request container comprising key IDs to another - KME, for the key(s) to be marked as void (i.e. discarded and not - delivered to SAEs). The `ext_key_container` - extended key request container contains keys matching - those already passed to the KME. - - Upon a valid request, a KME shall discard keys relating to the provided - key IDs and post a call to the specified - `ack_callback_url` describing - the completed operation. After this, The KMEs shall not use the impacted - key, and it shall reject any requests to retrieve them using - ETSI GS QKD 014, ETSI GS QKD 004, or otherwise. - - A `400` code should be returned - if the request is known without further investigation to be invalid. - Otherwise, failures to void keys can be reported subsequently via - `ack_callback_url` - - If this operation is requested with an empty - `key_ids` array - all keys shared between the pre-specified SAEs shall be voided. To - reduce the risk of accidental key loss, the KME shall reject any void - request that does specify key ID(s) but without including the - `all_confirmation` URL parameter with a value of true, and return a - `400` code. - parameters: - - $ref: '#/components/parameters/all_confirmation' - requestBody: - description: Void request container - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/void_container' - responses: - '202': - $ref: '#/components/responses/202-extkey' - '400': - $ref: '#/components/responses/400-extkey-void' - '401': - $ref: '#/components/responses/401-extkey' - '408': - $ref: '#/components/responses/408-extkey' - '503': - $ref: '#/components/responses/503-extkey' - - /kmapi/v1/ext_keys/ack: - post: - summary: Acknowledge completion of a previous ext_key request - operationId: post-ext_keys-ack - tags: - - ext-keys - description: | - Pass one or more key acknowledgement container comprising key IDs - associated with a previous call to the - `ext_keys` method by an external - KMS. The status of all keys in the container is indicated by the status - field. - - The `ack_status` field may be `relayed`, `voided`, `failed`, or `key not - present`. - - - `relayed` indicates the KME has successfully relayed the specified - keys to the requested target (where the `initiator_sae_id` and - `target_sae_id` are specified in the acknowledgement container). If the - initiator requested multiple targets, the acknowledgements for each - target are separate acknowledgement containers (since the status for - each target may be different). - - - `voided` indicates the KME has successfully voided the specified keys - so they will not be delivered to applications. - - - `failed` indicates that the requested operation on the specified keys - could not be completed. For example, an - `ext_keys` request may not - complete if there is insufficient key material for relaying. Also, a - void request will fail if the specified keys have already been delivered - to a requesting SAE. - - - `key not present` indicates that the specified keys could not be found - by the KME. - - In addition to the `status` field, additional information (e.g. - explaining a failure) can be included in the optional `message` field. - - It is possible that a single - `ext_keys` request included multiple keys, - where some are successfully delivered and other fail. This can be - indicated by a KME sending multiple acknowledgement requests, with the - container payload used to specify the status of different arrays of - keys. A single container should be used for each target SAE ID. - - Extension fields may also be optionally included (which could be, e.g. - metadata for each key to indicate its routing information from the - remote KMS). If such extensions are included, the extensions should be - handled accordingly (e.g. to keep the provided metadata with each key so - it can be relayed to the initiator SAE). - - a KME receiving a valid acknowledgement shall return a - `200` code, otherwise an Error Code - shall be returned including details of the error. - requestBody: - description: Acknowledgements containers - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/ack_containers' - responses: - '200': - $ref: '#/components/responses/200-ack-response' - '400': - $ref: '#/components/responses/400-extkey-ack' - '401': - $ref: '#/components/responses/401-extkey' - '503': - $ref: '#/components/responses/503-extkey' - -components: - responses: - 200-ack-response: - description: Successful response - - 202-extkey: - description: Request accepted response - - 400-extkey: - description: Bad request format response - content: - application/json: - schema: - $ref: '#/components/schemas/message_data' - examples: - missing_parameters: - value: - message: missing parameters - details: - - missing_parameters: required parameters are missing from the API call - unknown_sae_id: - value: - message: key routing error - details: - - target_sae_id_not_recognized: KME associated with a target SAE ID is not known. - no_known_route: - value: - message: key routing error - details: - - no_known_route: KME does not know a route to deliver to target SAE ID. - no_passback_allowed: - value: - message: key routing error - details: - - invalid_routing: >- - Routing this key to target SAE ID requires directly - passing it back to the calling KME, which is invalid. - insufficient_key_material: - value: - message: insufficient key material - details: - - insufficient_key_material: Insufficient key material available to deliver key. - - 400-extkey-void: - description: Bad request format response - content: - application/json: - schema: - $ref: '#/components/schemas/message_data' - examples: - failed: - value: - message: void request not understood - details: - - key_voiding_error: KME cannot parse the submitted void request. - key_not_present: - value: - message: key not present - details: - - key_not_present: The requested key ID(s) are not available to be voided. - no_key_ids_or_confirmation: - value: - message: no_key_ids_or_confirmation - details: - - no_key_ids_or_confirmation: >- - When no key_ids are passed, all keys shared between the - SAEs will be voided. If this is the intended action, the - `all_confirmation` field also needs to be set with a value - of `true`. Otherwise, please specify key_ids to be voided. - - 400-extkey-ack: - description: Bad request format response - content: - application/json: - schema: - $ref: '#/components/schemas/message_data' - examples: - not_understood: - value: - message: ack not understood - details: - - ack_not_understood: KME cannot parse the submitted acknowledgement. - key_not_present: - value: - message: key not present - details: - - key_not_present: The acknowledged key ID(s) are not known to this KME. - - 401-extkey: - description: Unauthorized response - content: - application/json: - schema: - $ref: '#/components/schemas/message_data' - example: - message: unauthorized - details: - - unauthorized: User-supplied certificate is invalid. - - 408-extkey: - description: Timeout response - content: - application/json: - schema: - $ref: '#/components/schemas/message_data' - example: - message: timeout - details: - - timeout: >- - No response received from KME to - `ext_keys` request in - sufficient time. - - 503-extkey: - description: Error of server side response - content: - application/json: - schema: - $ref: '#/components/schemas/message_data' - example: - message: server side general error - details: - - server_side_general_error: The server encountered a general failure and cannot respond. - - schemas: - - ack_callback_url: - description: >- - URL to which acknowledgement(s) should be sent after all or part of the - request completes or fails. - type: string - example: https://kme1/kmapi/v1/ext_keys/ack - - ack_container: - title: Acknowledgements container - type: object - required: - - key_ids - - ack_status - - initiator_sae_id - - target_sae_id - properties: - key_ids: - $ref: '#/components/schemas/key_id_container' - ack_status: - $ref: '#/components/schemas/ack_status' - initiator_sae_id: - $ref: '#/components/schemas/initiator_sae_id' - target_sae_id: - $ref: '#/components/schemas/target_sae_id' - message: - $ref: '#/components/schemas/ack_message' - extension: - $ref: '#/components/schemas/extension' - - ack_containers: - description: Array of `ack_container` acknowledgement containers - type: array - items: - $ref: '#/components/schemas/ack_container' - - ack_message: - title: message - description: | - Optional further details to expand upon the - `ack_status`. - type: string - - ack_status: - description: Status of acknowledged keys - type: string - enum: - - relayed - - voided - - failed - - key not present - example: relayed - - ext_key_container: - title: Extended key request container - type: object - required: - - keys - - initiator_sae_id - - target_sae_ids - - ack_callback_url - properties: - keys: - $ref: '#/components/schemas/keys' - initiator_sae_id: - $ref: '#/components/schemas/initiator_sae_id' - target_sae_ids: - $ref: '#/components/schemas/target_sae_ids' - ack_callback_url: - $ref: '#/components/schemas/ack_callback_url' - extension_mandatory: - $ref: '#/components/schemas/extension_mandatory' - extension_optional: - $ref: '#/components/schemas/extension_optional' - - extension: - type: object - additionalProperties: - type: object - additionalProperties: true - description: >- - Reserved for future use. Dictionary of objects. Objects may be of any - type and custom extensions should be named starting with a vendor prefix - followed by an underscore. - example: - abc_extension1: 'Some string' - abc_extension2: - property1: 10111 - property2: 'Some text' - property3: - subprop1: 21 - subprop2: true - - extension_mandatory: - type: object - additionalProperties: - type: object - additionalProperties: true - description: >- - Dictionary of objects representing extension parameters that KME shall handle - or return an error (e.g. as originated in the Get Key request that triggered - key relaying to use the `ext_keys` call). - Objects may be of any type and custom extensions should be named starting with - a vendor prefix followed by an underscore. - example: - abc_route_type: 'direct' - abc_method: - hybrid_keys: true - primary: 'qkd' - secondary: 'pqc' - - extension_optional: - type: object - additionalProperties: - type: object - additionalProperties: true - description: >- - Dictionary of objects representing extension parameters that KME may ignore (e.g. - as originated in the Get Key request that triggered key relaying to use the - `ext_keys` call). Objects may be of any type - and custom extensions should be named starting with a vendor prefix followed by - an underscore. - example: - abc_module_type: - vendor: 'Company ABC' - protocol: 'BB84' - min_version: 2.5 - abc_qos_session: 'e73d9abe' - - initiator_sae_id: - type: string - description: >- - ID of the SAE that initiated the request to share the key(s) relevant to - the request. - example: encryptor1 - - key_id: - description: 'ID of the key: UUID format.' - type: string - format: uuid - example: 550e8400-e29b-41d4-a716-446655440000 - - key_id_container: - type: array - description: Array of key IDs. - items: - type: object - required: - - key_id - properties: - key_id: - $ref: '#/components/schemas/key_id' - extension: - $ref: '#/components/schemas/extension' - - key_ids: - type: array - description: Array of key IDs. - items: - $ref: '#/components/schemas/key_id' - - keys: - type: array - description: Array of keys. - items: - type: object - required: - - key_id - - value - properties: - key_id: - $ref: '#/components/schemas/key_id' - value: - $ref: '#/components/schemas/value' - extension: - $ref: '#/components/schemas/extension' - - message_data: - title: Message data format - type: object - required: - - message - properties: - message: - description: Response message - type: string - example: success - details: - description: Array of objects containing details - type: array - items: - type: object - - target_sae_id: - type: string - description: ID of target SAE that the initiator SAE wishes to share keys with. - example: encryptor2 - - target_sae_ids: - type: array - description: >- - Array of IDs of target SAEs relevant to the request. (In a call to - `ext_keys` to request keys - to be shared these are the keys the initiator - SAE wishes to share keys with.) A single target or multiple targets can - be specified (where each target gets an identical key). - items: - $ref: '#/components/schemas/target_sae_id' - - value: - description: | - Key data encoded by the base64 data encoding scheme specified in IETF - RFC 4648 (October 2006): "The Base16, Base32, and Base64 Data Encodings" - [7] using the alphabet in Table 1 of the RFC. - - Implementations shall ensure that padding used in the base64 data - encoding scheme is never used as key material. This includes the - zero, two, or one `=` padding characters at the end of the final - encoded unit of output where the final quantum of encoding input - is exactly 24 bits, 8 bits, or 16 bits, respectively. - - When non-integer-byte-size keys are used it is essential to - strip any padding bits with value zero that were added (on the - right) when decoding. It is not safe to strip all bits with - value zero from the end of the decoded key since this can bias - keys. Decoding needs to make use of independent knowledge of - the requested key size to correctly strip such padding in order to - recover a valid key. (The base64 data encoding scheme and the `=` - padding character rules it includes can only indicate the size of - the encoding input in integer byte sizes. The final character - of the encoded output or the final character before the first - `=` padding character can include information from padding bits - with value zero that were added when during encoding in the case - of non-integer-byte-size keys.) - - Note that support for non-integer-byte-size keys is optional and - many vendors choose to support only integer byte sizes. - type: string - example: wHHVxRwDJs3/bXd38GHP3oe4svTuRpZS0yCC7x4Ly+s= - - version: - type: string - description: Supported API version. - example: v1 - - version_container: - title: Version container - type: object - required: - - versions - properties: - versions: - $ref: '#/components/schemas/versions' - extension: - $ref: '#/components/schemas/extension' - - versions: - type: array - description: Array of supported API versions. - items: - $ref: '#/components/schemas/version' - - void_container: - title: Void request container - type: object - required: - - key_ids - - initiator_sae_id - - target_sae_ids - - ack_callback_url - properties: - key_ids: - $ref: '#/components/schemas/key_ids' - initiator_sae_id: - $ref: '#/components/schemas/initiator_sae_id' - target_sae_ids: - $ref: '#/components/schemas/target_sae_ids' - ack_callback_url: - $ref: '#/components/schemas/ack_callback_url' - extension: - $ref: '#/components/schemas/extension' - - parameters: - all_confirmation: - name: all_confirmation - in: query - required: false - description: >- - Confirmation flag used to confirm deletion of all keys when no key IDs - are specified. - schema: - type: boolean - examples: - 'true': - value: true - summary: Confirmation - - securitySchemes: - mutualTLS: - type: http - scheme: mutual - description: >- - Mutual TLS authentication using certificates, TLSv1.3 (or later). - NOTE - OpenAPI 3.1.0 introduces better support for describing mTLS. -security: - - mutualTLS: [] diff --git a/interop-kms_ExtraMarkup.yaml b/interop-kms_ExtraMarkup.yaml index 7e436d7..e889478 100644 --- a/interop-kms_ExtraMarkup.yaml +++ b/interop-kms_ExtraMarkup.yaml @@ -1,6 +1,6 @@ # Copyright 2025 ETSI # Licensed under the BSD-3 Clause (https://forge.etsi.org/legal-matters)openapi: 3.0.3 -openapi: 3.0.3 +openapi: '3.0.3' info: title: Draft ETSI GS QKD 020 - Interoperable Key Management System API description: | @@ -12,7 +12,7 @@ info: contact: name: ETSI ISG QKD email: isgsupport@etsi.org - version: Draft 0.5.1 + version: Draft 0.6.1 license: name: BSD 3-Clause url: https://forge.etsi.org/legal-matters @@ -52,11 +52,7 @@ paths: supports. responses: '200': - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/version_container' + $ref: '#/components/responses/200-version' '401': $ref: '#/components/responses/401-extkey' '503': @@ -94,6 +90,8 @@ paths: schema: $ref: '#/components/schemas/ext_key_container' responses: + '200': + $ref: '#/components/responses/200-extkey-sync' '202': $ref: '#/components/responses/202-extkey' '400': @@ -148,6 +146,8 @@ paths: schema: $ref: '#/components/schemas/void_container' responses: + '200': + $ref: '#/components/responses/200-extkey-void-sync' '202': $ref: '#/components/responses/202-extkey' '400': @@ -172,7 +172,7 @@ paths: KMS. The status of all keys in the container is indicated by the status field. - The `ack_status` field may be `relayed`, `voided`, `failed`, or `key not + The `ack_status` field may be `relayed`, `voided`, `failed`, or `key not present`. - `relayed` indicates the KME has successfully relayed the specified @@ -211,7 +211,7 @@ paths: handled accordingly (e.g. to keep the provided metadata with each key so it can be relayed to the initiator SAE). - a KME receiving a valid acknowledgement shall return a + A KME receiving a valid acknowledgement shall return a `200` code, otherwise an Error Code shall be returned including details of the error. requestBody: @@ -236,6 +236,42 @@ components: 200-ack-response: description: Successful response + 200-version: + description: Successful response + content: + application/json: + schema: + $ref: '#/components/schemas/version_container' + example: + versions: + - v1 + capabilities: + - synchronous_mode + extension: + - 32473_extension1: Some string + - 32473_extension2: + - property1: 10111 + - property2: Some text + - property3: + - subprop1: 21 + - subprop2: true + + 200-extkey-sync: + description: Successful response to synchronous mode request. Host that do not + support the optional synchronous mode will never return this response. + content: + application/json: + schema: + $ref: '#/components/schemas/ack_containers' + + 200-extkey-void-sync: + description: Successful response to synchronous mode request. Host that do not + support the optional synchronous mode will never return this response. + content: + application/json: + schema: + $ref: '#/components/schemas/ack_containers' + 202-extkey: description: Request accepted response @@ -244,33 +280,38 @@ components: content: application/json: schema: - $ref: '#/components/schemas/message_data' + $ref: '#/components/schemas/problem_details' examples: missing_parameters: value: - message: missing parameters + type: https://qkd.forge.etsi.org/gs021-orch-interop-sdn/missing-parameters + title: missing parameters details: - missing_parameters: required parameters are missing from the API call unknown_sae_id: value: - message: key routing error + type: https://qkd.forge.etsi.org/gs021-orch-interop-sdn/key-routing-error + title: key routing error details: - target_sae_id_not_recognized: KME associated with a target SAE ID is not known. no_known_route: value: - message: key routing error + type: https://qkd.forge.etsi.org/gs021-orch-interop-sdn/key-routing-error + title: key routing error details: - no_known_route: KME does not know a route to deliver to target SAE ID. no_passback_allowed: value: - message: key routing error + type: https://qkd.forge.etsi.org/gs021-orch-interop-sdn/key-routing-error + title: key routing error details: - invalid_routing: >- Routing this key to target SAE ID requires directly passing it back to the calling KME, which is invalid. insufficient_key_material: value: - message: insufficient key material + type: https://qkd.forge.etsi.org/gs021-orch-interop-sdn/insufficient-key-material + title: insufficient key material details: - insufficient_key_material: Insufficient key material available to deliver key. @@ -279,21 +320,24 @@ components: content: application/json: schema: - $ref: '#/components/schemas/message_data' + $ref: '#/components/schemas/problem_details' examples: failed: value: - message: void request not understood + type: https://qkd.forge.etsi.org/gs021-orch-interop-sdn/void-request-not-understood + title: void request not understood details: - key_voiding_error: KME cannot parse the submitted void request. key_not_present: value: - message: key not present + type: https://qkd.forge.etsi.org/gs021-orch-interop-sdn/key-not-present + title: key not present details: - key_not_present: The requested key ID(s) are not available to be voided. no_key_ids_or_confirmation: value: - message: no_key_ids_or_confirmation + type: https://qkd.forge.etsi.org/gs021-orch-interop-sdn/no-key-ids-or-confirmation + title: no key ids or confirmation details: - no_key_ids_or_confirmation: >- When no key_ids are passed, all keys shared between the @@ -306,16 +350,18 @@ components: content: application/json: schema: - $ref: '#/components/schemas/message_data' + $ref: '#/components/schemas/problem_details' examples: not_understood: value: - message: ack not understood + type: https://qkd.forge.etsi.org/gs021-orch-interop-sdn/ack-not-understood + title: ack not understood details: - ack_not_understood: KME cannot parse the submitted acknowledgement. key_not_present: value: - message: key not present + type: https://qkd.forge.etsi.org/gs021-orch-interop-sdn/key-not-present + title: key not present details: - key_not_present: The acknowledged key ID(s) are not known to this KME. @@ -324,9 +370,10 @@ components: content: application/json: schema: - $ref: '#/components/schemas/message_data' + $ref: '#/components/schemas/problem_details' example: - message: unauthorized + type: https://qkd.forge.etsi.org/gs021-orch-interop-sdn/unauthorized + title: unauthorized details: - unauthorized: User-supplied certificate is invalid. @@ -335,9 +382,10 @@ components: content: application/json: schema: - $ref: '#/components/schemas/message_data' + $ref: '#/components/schemas/problem_details' example: - message: timeout + type: https://qkd.forge.etsi.org/gs021-orch-interop-sdn/timeout + title: timeout details: - timeout: >- No response received from KME to @@ -349,24 +397,42 @@ components: content: application/json: schema: - $ref: '#/components/schemas/message_data' + $ref: '#/components/schemas/problem_details' example: - message: server side general error + type: https://qkd.forge.etsi.org/gs021-orch-interop-sdn/server-side-general-error + title: server side general error details: - server_side_general_error: The server encountered a general failure and cannot respond. schemas: ack_callback_url: - description: >- - URL to which acknowledgement(s) should be sent after all or part of the + description: | + Acknowledgements callback URL `ack_callback_url` + to which acknowledgement(s) should be sent after all or part of the request completes or fails. + + If this parameter is omitted the request shall be interpreted as a + request to invoke the endpoint in the optional synchronous mode. + Otherwise, it shall be interpreted as a request to invoke the endpoint + using the default asynchronous mode. + + Before submitting synchronos mode requests with a blank + `ack_callback_url` to a new KME the + `/kmapi/versions` endpoint should be + called to confirm that the new KME supports the optional synchronous mode + `capability`. type: string + format: uri + maxLength: 1024 example: https://kme1/kmapi/v1/ext_keys/ack ack_container: - title: Acknowledgements container + description: Acknowledgements container `ack_container` + through which results shall be reported once the requested operations have + completed. type: object + maxItems: 1024 required: - key_ids - ack_status @@ -385,23 +451,61 @@ components: $ref: '#/components/schemas/ack_message' extension: $ref: '#/components/schemas/extension' + example: + - key_ids: + - key_id: 550e8400-e29b-41d4-a716-446655440000 + - extension: + - 32473_extension1: Some string + - ack_status: relayed + - initiator_sae_id: encryptor1 + - target_sae_id: encryptor2 + - message: string + - extension: + - 32473_extension1: Some string + - 32473_extension2: + - property1: 10111 + - property2: + - subprop1: 21 + - subprop2: true ack_containers: - description: Array of `ack_container` acknowledgement containers + description: Acknowledgements container `ack_containers` + is an array of acknowledgements containers `ack_container`. type: array + maxItems: 1024 items: $ref: '#/components/schemas/ack_container' + example: + - - key_ids: + - key_id: 550e8400-e29b-41d4-a716-446655440000 + - extension: + - 32473_extension1: Some string + - - ack_status: relayed + - - initiator_sae_id: encryptor1 + - - target_sae_id: encryptor2 + - - message: string + - - extension: + - 32473_extension1: Some string + - 32473_extension2: + - property1: 10111 + - property2: + - subprop1: 21 + - subprop2: true + ack_message: - title: message description: | + Acknowledgement message `ack_message` Optional further details to expand upon the `ack_status`. type: string + maxLength: 4096 ack_status: - description: Status of acknowledged keys + description: Acknowledgement status `ack_status` + describes the status of acknowledged keys. type: string + maxLength: 4096 enum: - relayed - voided @@ -409,14 +513,38 @@ components: - key not present example: relayed + capabilities: + type: array + description: | + Capabilities `capabilities` is an + array of strings each indicating a `capability` + supported by the host. + + Where a host supports the optional synchronous mode it should report this + capability of `synchronous_mode`. Clients should confirm this capability + before sending requests for synchronous mode. + maxItems: 1000 + items: + $ref: '#/components/schemas/capability' + example: + - synchronous_mode + + capability: + description: Capability `capabiity` is a string that + indicates a capability supported by the host. + type: string + maxLength: 128 + example: synchronous_mode + ext_key_container: - title: Extended key request container + description: Extended key request container `ext_key_container` + is a container used in calls to the `/kmapi/v1/ext_keys` + endpoint. type: object required: - keys - initiator_sae_id - target_sae_ids - - ack_callback_url properties: keys: $ref: '#/components/schemas/keys' @@ -430,96 +558,170 @@ components: $ref: '#/components/schemas/extension_mandatory' extension_optional: $ref: '#/components/schemas/extension_optional' + example: + keys: + - key_id: '550e8400-e29b-41d4-a716-446655440000' + - value: wHHVxRwDJs3/bXd38GHP3oe4svTuRpZS0yCC7x4Ly+s= + - extension: + 32473_extension1: Some string + 32473_extension2: + property1: 10111 + property2: Some text + property3: + subprop1: 21 + subprop2: true + initiator_sae_id: encryptor1 + target_sae_ids: + encryptor2 + ack_callback_url: https://kme1/kmapi/v1/ext_keys/ack + extension_mandatory: + - 32473_route_type: direct + - 32473_method: + - hybrid_keys: true + - primary: qkd + - secondary: pqc + extension_optional: + - 32473_module_type: + - vendor: Company ABC + - protocol: BB84 + - min_version: 2.5 + - 32473_qos_session: e73d9abe extension: type: object additionalProperties: type: object additionalProperties: true - description: >- - Reserved for future use. Dictionary of objects. Objects may be of any - type and custom extensions should be named starting with a vendor prefix - followed by an underscore. + description: | + Extension `extension` is a dictionary of objects. + Objects may be of any type and custom extensions + shall be named starting with a vendor prefix that shall be an IANA + Private Enterprise Number (PEN) followed by an underscore. + + ETSI might specify extensions in future and ETSI's IANA Private + Enterprise Number `13019` is reserved and shall not be used at this time. example: - abc_extension1: 'Some string' - abc_extension2: - property1: 10111 - property2: 'Some text' - property3: - subprop1: 21 - subprop2: true + - 32473_extension1: 'Some string' + - 32473_extension2: + - property1: 10111 + - property2: 'Some text' + - property3: + - subprop1: 21 + - subprop2: true extension_mandatory: type: object additionalProperties: type: object additionalProperties: true - description: >- - Dictionary of objects representing extension parameters that KME shall handle + description: | + Extension `extension_mandatory` is a + dictionary of objects representing extension parameters that KME shall handle or return an error (e.g. as originated in the Get Key request that triggered - key relaying to use the `ext_keys` call). - Objects may be of any type and custom extensions should be named starting with - a vendor prefix followed by an underscore. + key relaying to use the `ext_keys` endpoint). + Objects may be of any type and custom extensions + should be named starting with a vendor prefix that shall be an IANA + Private Enterprise Number (PEN) followed by an underscore. + + ETSI might specify extensions in future and ETSI's IANA Private + Enterprise Number `13019` is reserved and shall not be used at this time. example: - abc_route_type: 'direct' - abc_method: - hybrid_keys: true - primary: 'qkd' - secondary: 'pqc' + - 32473_module_type: + - vendor: Company ABC + - protocol: BB84 + - in_version: 2.5 + - 32473_qos_session: e73d9abe extension_optional: type: object additionalProperties: type: object additionalProperties: true - description: >- - Dictionary of objects representing extension parameters that KME may ignore (e.g. + description: | + Extension `extension_optional` is a dictionary + of objects representing extension parameters that KME may ignore (e.g. as originated in the Get Key request that triggered key relaying to use the `ext_keys` call). Objects may be of any type - and custom extensions should be named starting with a vendor prefix followed by - an underscore. + and custom extensions should be named starting with a vendor prefix that shall + be an IANA Private Enterprise Number (PEN) followed by an underscore. + + ETSI might specify extensions in future and ETSI's IANA Private + Enterprise Number `13019` is reserved and shall not be used at this time. example: - abc_module_type: - vendor: 'Company ABC' - protocol: 'BB84' - min_version: 2.5 - abc_qos_session: 'e73d9abe' + - 32473_module_type: + - vendor: Company ABC + - protocol: BB84 + - in_version: 2.5 + - 32473_qos_session: e73d9abe initiator_sae_id: type: string description: >- - ID of the SAE that initiated the request to share the key(s) relevant to + Initiatior SAE ID `initiator_sae_id` is the ID + of the SAE that initiated the request to share the key(s) relevant to the request. example: encryptor1 key_id: - description: 'ID of the key: UUID format.' + description: Key ID `key_id` is the ID of the key in UUID format. type: string format: uuid example: 550e8400-e29b-41d4-a716-446655440000 key_id_container: type: array - description: Array of key IDs. + description: Key ID container `key_id_container` + is an array providing `key_id` and optional + `extension` information. items: type: object required: - key_id + maxItems: 1024 properties: key_id: $ref: '#/components/schemas/key_id' extension: $ref: '#/components/schemas/extension' + example: + - key_id: 550e8400-e29b-41d4-a716-446655440000 + - extension: + - 32473_vendor: Company ABC + - 32473_protocol: BB84 key_ids: type: array - description: Array of key IDs. + description: Key IDs `key_ids` is an array of `key_id`. items: $ref: '#/components/schemas/key_id' + example: + - key_id: 550e8400-e29b-41d4-a716-446655440000 + - key_id: 373b0b2c-d841-4765-af6f-c6232cda6531 + - key_id: 65380d2d-7de4-4445-9a1e-23f77218e61d + + key: + type: object + description: Key `key` is an object containing a + `key_id` and its `value`. + required: + - key_id + - value + properties: + key_id: + $ref: '#/components/schemas/key_id' + value: + $ref: '#/components/schemas/value' + extension: + $ref: '#/components/schemas/extension' + example: + key_id: 550e8400-e29b-41d4-a716-446655440000 + value: wHHVxRwDJs3/bXd38GHP3oe4svTuRpZS0yCC7x4Ly\u002Bs= + extension: + - 32473_protocol = BB84 keys: type: array - description: Array of keys. + description: Keys `keys` is an array of `key`. items: type: object required: @@ -532,44 +734,72 @@ components: $ref: '#/components/schemas/value' extension: $ref: '#/components/schemas/extension' + example: + - key_id: 550e8400-e29b-41d4-a716-446655440000 + - value: wHHVxRwDJs3/bXd38GHP3oe4svTuRpZS0yCC7x4Ly\u002Bs= + - extension: + - 32473_protocol = BB84 - message_data: - title: Message data format + problem_details: type: object - required: - - message + description: | + Problem Details `problem_details` is an object + according shall satify the requirements in IETF RFC 9457 + for Problem Details for HTTP APIs. properties: - message: - description: Response message + type: type: string - example: success + description: A URI reference that identifies the problem type. + format: uri + maxLength: 1024 + status: + type: integer + description: The HTTP status code generated by the origin server for this occurrence of the problem. + format: int32 + minimum: 100 + maximum: 599 + example: 400 + title: + type: string + description: A short, human-readable summary of the problem type. + maxLength: 1024 details: - description: Array of objects containing details + description: Array of objects containing details. Often the name of an item will identify the topic and its contents can be a single string providing more details. type: array + maxItems: 1000 items: type: object + required: + - type + example: + type: https://qkd.forge.etsi.org/gs021-orch-interop-sdn/invalid-parameter + status: 400 + title: Invalid parameter format + details: + - malformed_property: Property xxxx_xxxx does not match the expected format target_sae_id: type: string - description: ID of target SAE that the initiator SAE wishes to share keys with. + description: Target SAE ID `target_sae_id` is the + ID of the SAE that the initiator SAE wishes to share keys with. example: encryptor2 target_sae_ids: type: array description: >- - Array of IDs of target SAEs relevant to the request. (In a call to - `ext_keys` to request keys - to be shared these are the keys the initiator - SAE wishes to share keys with.) A single target or multiple targets can - be specified (where each target gets an identical key). + `target_sae_ids` is an array of IDs of target SAEs + relevant to the request. (In a call to `ext_keys` + to request keys to be shared these are the keys the initiator SAE wishes to share + keys with.) A single target or multiple targets can be specified (where each + target gets an identical key). items: $ref: '#/components/schemas/target_sae_id' value: description: | - Key data encoded by the base64 data encoding scheme specified in IETF - RFC 4648 (October 2006): "The Base16, Base32, and Base64 Data Encodings" - [7] using the alphabet in Table 1 of the RFC. + Value `value` is key data encoded by the base64 data encoding + scheme specified in IETF RFC 4648 (October 2006): "The Base16, Base32, and Base64 Data Encodings" + using the alphabet in Table 1 of the RFC. Implementations shall ensure that padding used in the base64 data encoding scheme is never used as key material. This includes the @@ -591,35 +821,48 @@ components: with value zero that were added when during encoding in the case of non-integer-byte-size keys.) - Note that support for non-integer-byte-size keys is optional and + NOTE: Support for non-integer-byte-size keys is optional and many vendors choose to support only integer byte sizes. type: string example: wHHVxRwDJs3/bXd38GHP3oe4svTuRpZS0yCC7x4Ly+s= version: type: string - description: Supported API version. + description: Version `version` is a sting indicating + a version of the API supported by the host. + maxLength: 16 example: v1 version_container: - title: Version container + title: Version container `version_container` + is an object to indicate supported `versions` and + `capabilities` of a host along with optional + `extension` information. type: object required: - versions properties: versions: $ref: '#/components/schemas/versions' + capabilities: + $ref: '#/components/schemas/capabilities' extension: $ref: '#/components/schemas/extension' versions: type: array - description: Array of supported API versions. + description: Versions `versions` is an array of supported API versions + `version`. + maxItems: 1000 items: $ref: '#/components/schemas/version' - + example: + - v1 + void_container: - title: Void request container + description: Void request container `void_container` + is an object used in the `ext_keys/void` + endpoint to request keys to be voided. type: object required: - key_ids @@ -637,6 +880,23 @@ components: $ref: '#/components/schemas/ack_callback_url' extension: $ref: '#/components/schemas/extension' + example: + key_ids: + - key_id: 550e8400-e29b-41d4-a716-446655440000 + - key_id: 373b0b2c-d841-4765-af6f-c6232cda6531 + - key_id: 65380d2d-7de4-4445-9a1e-23f77218e61d + initiator_sae_id: encryptor1 + target_sae_ids: + - encryptor2 + ack_callback_url: https://kme1/kmapi/v1/ext_keys/ack + extension: + - 32473_extension1: Some string + - 32473_extension2: + - property1: 10111 + - property2: Some text + - property3: + - subprop1: 21 + - subprop2: true parameters: all_confirmation: -- GitLab From dc76cf6e2cf7283589d5178dc0a4e029d5f87323 Mon Sep 17 00:00:00 2001 From: Martin Ward Date: Wed, 26 Nov 2025 12:07:26 +0000 Subject: [PATCH 2/6] Edit interop-kms_ExtraMarkup.yaml version label indicate as proposed changes --- interop-kms_ExtraMarkup.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/interop-kms_ExtraMarkup.yaml b/interop-kms_ExtraMarkup.yaml index e889478..141471c 100644 --- a/interop-kms_ExtraMarkup.yaml +++ b/interop-kms_ExtraMarkup.yaml @@ -12,7 +12,7 @@ info: contact: name: ETSI ISG QKD email: isgsupport@etsi.org - version: Draft 0.6.1 + version: Proposed changes to Draft 0.6.1 license: name: BSD 3-Clause url: https://forge.etsi.org/legal-matters -- GitLab From 05a9b0f061ef1d0cd786b9fe321fe2fceb2be719 Mon Sep 17 00:00:00 2001 From: Martin Ward Date: Wed, 3 Dec 2025 08:03:55 +0000 Subject: [PATCH 3/6] Edit interop-kms_ExtraMarkup.yaml update extension prefixes --- interop-kms_ExtraMarkup.yaml | 60 ++++++++++++++++++------------------ 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/interop-kms_ExtraMarkup.yaml b/interop-kms_ExtraMarkup.yaml index 141471c..1e7fb06 100644 --- a/interop-kms_ExtraMarkup.yaml +++ b/interop-kms_ExtraMarkup.yaml @@ -248,8 +248,8 @@ components: capabilities: - synchronous_mode extension: - - 32473_extension1: Some string - - 32473_extension2: + - E32473_extension1: Some string + - E32473_extension2: - property1: 10111 - property2: Some text - property3: @@ -455,14 +455,14 @@ components: - key_ids: - key_id: 550e8400-e29b-41d4-a716-446655440000 - extension: - - 32473_extension1: Some string + - E32473_extension1: Some string - ack_status: relayed - initiator_sae_id: encryptor1 - target_sae_id: encryptor2 - message: string - extension: - - 32473_extension1: Some string - - 32473_extension2: + - E32473_extension1: Some string + - E32473_extension2: - property1: 10111 - property2: - subprop1: 21 @@ -479,14 +479,14 @@ components: - - key_ids: - key_id: 550e8400-e29b-41d4-a716-446655440000 - extension: - - 32473_extension1: Some string + - E32473_extension1: Some string - - ack_status: relayed - - initiator_sae_id: encryptor1 - - target_sae_id: encryptor2 - - message: string - - extension: - - 32473_extension1: Some string - - 32473_extension2: + - E32473_extension1: Some string + - E32473_extension2: - property1: 10111 - property2: - subprop1: 21 @@ -563,8 +563,8 @@ components: - key_id: '550e8400-e29b-41d4-a716-446655440000' - value: wHHVxRwDJs3/bXd38GHP3oe4svTuRpZS0yCC7x4Ly+s= - extension: - 32473_extension1: Some string - 32473_extension2: + E32473_extension1: Some string + E32473_extension2: property1: 10111 property2: Some text property3: @@ -575,17 +575,17 @@ components: encryptor2 ack_callback_url: https://kme1/kmapi/v1/ext_keys/ack extension_mandatory: - - 32473_route_type: direct - - 32473_method: + - E32473_route_type: direct + - E32473_method: - hybrid_keys: true - primary: qkd - secondary: pqc extension_optional: - - 32473_module_type: + - E32473_module_type: - vendor: Company ABC - protocol: BB84 - min_version: 2.5 - - 32473_qos_session: e73d9abe + - E32473_qos_session: e73d9abe extension: type: object @@ -595,14 +595,14 @@ components: description: | Extension `extension` is a dictionary of objects. Objects may be of any type and custom extensions - shall be named starting with a vendor prefix that shall be an IANA - Private Enterprise Number (PEN) followed by an underscore. + shall be named starting with a vendor prefix that shall be the letter `E` + followed by an IANA Private Enterprise Number (PEN) followed by an underscore. ETSI might specify extensions in future and ETSI's IANA Private Enterprise Number `13019` is reserved and shall not be used at this time. example: - - 32473_extension1: 'Some string' - - 32473_extension2: + - E32473_extension1: 'Some string' + - E32473_extension2: - property1: 10111 - property2: 'Some text' - property3: @@ -620,17 +620,17 @@ components: or return an error (e.g. as originated in the Get Key request that triggered key relaying to use the `ext_keys` endpoint). Objects may be of any type and custom extensions - should be named starting with a vendor prefix that shall be an IANA - Private Enterprise Number (PEN) followed by an underscore. + should be named starting with a vendor prefix that shall be the letter `E` + followed byan IANA Private Enterprise Number (PEN) followed by an underscore. ETSI might specify extensions in future and ETSI's IANA Private Enterprise Number `13019` is reserved and shall not be used at this time. example: - - 32473_module_type: + - E32473_module_type: - vendor: Company ABC - protocol: BB84 - in_version: 2.5 - - 32473_qos_session: e73d9abe + - E32473_qos_session: e73d9abe extension_optional: type: object @@ -648,11 +648,11 @@ components: ETSI might specify extensions in future and ETSI's IANA Private Enterprise Number `13019` is reserved and shall not be used at this time. example: - - 32473_module_type: + - E32473_module_type: - vendor: Company ABC - protocol: BB84 - in_version: 2.5 - - 32473_qos_session: e73d9abe + - E32473_qos_session: e73d9abe initiator_sae_id: type: string @@ -686,8 +686,8 @@ components: example: - key_id: 550e8400-e29b-41d4-a716-446655440000 - extension: - - 32473_vendor: Company ABC - - 32473_protocol: BB84 + - E32473_vendor: Company ABC + - E32473_protocol: BB84 key_ids: type: array @@ -717,7 +717,7 @@ components: key_id: 550e8400-e29b-41d4-a716-446655440000 value: wHHVxRwDJs3/bXd38GHP3oe4svTuRpZS0yCC7x4Ly\u002Bs= extension: - - 32473_protocol = BB84 + - E32473_protocol = BB84 keys: type: array @@ -738,7 +738,7 @@ components: - key_id: 550e8400-e29b-41d4-a716-446655440000 - value: wHHVxRwDJs3/bXd38GHP3oe4svTuRpZS0yCC7x4Ly\u002Bs= - extension: - - 32473_protocol = BB84 + - E32473_protocol = BB84 problem_details: type: object @@ -890,8 +890,8 @@ components: - encryptor2 ack_callback_url: https://kme1/kmapi/v1/ext_keys/ack extension: - - 32473_extension1: Some string - - 32473_extension2: + - E32473_extension1: Some string + - E32473_extension2: - property1: 10111 - property2: Some text - property3: -- GitLab From b5068b7a4f4554821978ce12f8770c9956a5dc22 Mon Sep 17 00:00:00 2001 From: Martin Ward Date: Wed, 3 Dec 2025 11:58:36 +0000 Subject: [PATCH 4/6] Edit interop-kms_ExtraMarkup.yaml incorporating changes from QKD(25)39037 --- interop-kms_ExtraMarkup.yaml | 41 ++++++++++++++++++++++++------------ 1 file changed, 27 insertions(+), 14 deletions(-) diff --git a/interop-kms_ExtraMarkup.yaml b/interop-kms_ExtraMarkup.yaml index 1e7fb06..4214a00 100644 --- a/interop-kms_ExtraMarkup.yaml +++ b/interop-kms_ExtraMarkup.yaml @@ -72,13 +72,20 @@ paths: request container contains keys matching those to be delivered to the initiator SAE. - Upon a valid request, the KME should aim to respond without undue delay with - a `202` ('Accepted'), - then it will issue a separate call (or multiple calls) to the specified + Upon a valid request, for the required asynchronous mode, the KME shall + aim to respond without undue delay with a + `202` ('Accepted'), + then it shall issue a separate call (or multiple calls) to the specified `ack_callback_url` endpoint once the keys are actually delivered (or fail to be delivered). - A `400` error will be returned + If synchronous mode is to be implemented in addition to the asynchronous + mode, as the KMEs shall not respond with an acknowledgement, + `ack_callback_url` is omitted in this + implementation. Instead, the KME shall respond with a + `200`` ('Successful'). + + A `400` error shall be returned if the container format is invalid or includes initiator/target SAE IDs for which a valid route is not known to the KME. requestBody: @@ -117,14 +124,20 @@ paths: extended key request container contains keys matching those already passed to the KME. - Upon a valid request, a KME shall discard keys relating to the provided - key IDs and post a call to the specified + Upon a valid request, for the required asynchronous mode, a KME shall discard + keys relating to the provided key IDs and post a call to the specified `ack_callback_url` describing the completed operation. After this, The KMEs shall not use the impacted key, and it shall reject any requests to retrieve them using ETSI GS QKD 014, ETSI GS QKD 004, or otherwise. - A `400` code should be returned + If synchronous mode is to be implemented in addition to the asynchronous mode, + as the KMEs shall not respond with an acknowledgement, + `ack_callback_url` is omitted in + this implementation. Instead, the KME shall respond with a + `200` ('Successful'). + + A `400` code shall be returned if the request is known without further investigation to be invalid. Otherwise, failures to void keys can be reported subsequently via `ack_callback_url` @@ -135,7 +148,7 @@ paths: reduce the risk of accidental key loss, the KME shall reject any void request that does specify key ID(s) but without including the `all_confirmation` URL parameter with a value of true, and return a - `400` code. + `400` code. parameters: - $ref: '#/components/parameters/all_confirmation' requestBody: @@ -172,8 +185,8 @@ paths: KMS. The status of all keys in the container is indicated by the status field. - The `ack_status` field may be `relayed`, `voided`, `failed`, or `key not - present`. + The `ack_status` field may be `relayed`, + `voided`, `failed`, or `key not present`. - `relayed` indicates the KME has successfully relayed the specified keys to the requested target (where the `initiator_sae_id` and @@ -212,7 +225,7 @@ paths: it can be relayed to the initiator SAE). A KME receiving a valid acknowledgement shall return a - `200` code, otherwise an Error Code + `200` code, otherwise an Error Code shall be returned including details of the error. requestBody: description: Acknowledgements containers @@ -415,9 +428,9 @@ components: If this parameter is omitted the request shall be interpreted as a request to invoke the endpoint in the optional synchronous mode. Otherwise, it shall be interpreted as a request to invoke the endpoint - using the default asynchronous mode. + using the required asynchronous mode. - Before submitting synchronos mode requests with a blank + Before submitting synchronous mode requests with a blank `ack_callback_url` to a new KME the `/kmapi/versions` endpoint should be called to confirm that the new KME supports the optional synchronous mode @@ -744,7 +757,7 @@ components: type: object description: | Problem Details `problem_details` is an object - according shall satify the requirements in IETF RFC 9457 + according shall satisfy the requirements in IETF RFC 9457 for Problem Details for HTTP APIs. properties: type: -- GitLab From 6d630887175baf75e89804364108991e59d6195c Mon Sep 17 00:00:00 2001 From: Martin Ward Date: Thu, 11 Dec 2025 23:53:19 +0000 Subject: [PATCH 5/6] Prepare for merge as Draft 0.6.1 --- README.md | 2 +- interop-kms_ExtraMarkup.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7d115e6..6f5c2f0 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ Note: The default branch in this repository has been renamed `main` as per QKD(2 ## Visualise View API in -[Swagger Editor](https://forge.etsi.org/swagger/editor-versions/v3.8.0/?url=https://forge.etsi.org/rep/qkd/gs020-interop-kms/-/raw/wrk_qkd39/interop-kms_ExtraMarkup.yaml). +[Swagger Editor](https://forge.etsi.org/swagger/editor-versions/v3.8.0/?url=https://forge.etsi.org/rep/qkd/gs020-interop-kms/-/raw/main/interop-kms.yaml). ## Contact diff --git a/interop-kms_ExtraMarkup.yaml b/interop-kms_ExtraMarkup.yaml index 4214a00..d894269 100644 --- a/interop-kms_ExtraMarkup.yaml +++ b/interop-kms_ExtraMarkup.yaml @@ -12,7 +12,7 @@ info: contact: name: ETSI ISG QKD email: isgsupport@etsi.org - version: Proposed changes to Draft 0.6.1 + version: Draft 0.6.1 license: name: BSD 3-Clause url: https://forge.etsi.org/legal-matters -- GitLab From cdffc1974a09f4bad7f40f289b52a82095011e4d Mon Sep 17 00:00:00 2001 From: Martin Ward Date: Thu, 11 Dec 2025 23:59:59 +0000 Subject: [PATCH 6/6] Update copyright year in LICENSE --- LICENSE | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/LICENSE b/LICENSE index 2708889..76edd56 100644 --- a/LICENSE +++ b/LICENSE @@ -1,4 +1,4 @@ -Copyright 2024 ETSI +Copyright 2025 ETSI Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: -- GitLab