OASIS Key Management Interoperability Protocol (KMIP) TC

Join TC     TC Page     Send a comment to this TC

Advancing interoperability standards for enterprise encryption key management

Tony Cox, tony.cox@cryptsoft.com, Chair
Judith Furlong, Judith.Furlong@dell.com, Chair

Table of Contents

Announcements

Latest Advances in OASIS KMIP and PKCS #11 Encryption and Cryptographic Standards Demonstrated by 10 Companies at RSA Conference 2018: Cryptsoft, Fornetix, IBM Security, Kryptus, Micro Focus, P6R, Quintessence Labs, Thales eSecurity, Unbound Tech, and Utimaco Demo KMIP Interoperability and/or PKCS #11 Support; 16 April 2018

In memory of Bob Lockhart - The KMIP TC recognizes the contributions of Bob Lockhart as a founding member of the KMIP Technical Committee, a driving force in the global cryptography and key management industry, a contributor of great knowledge, experience and humor and a danger to coffee beans everywhere. The members of the KMIP Technical Committee honor his legacy by continuing the work he so passionately believed in.

KMIP Specification v1.4 and KMIP Profiles v1.4 become OASIS Standards. OASIS is pleased to announce that Key Management Interoperability Protocol Specification Version 1.4 and Key Management Interoperability Protocol Profiles Version 1.4 have been approved by the membership as OASIS Standards 27 Nov 2017.

Participation in the OASIS KMIP TC is open to all interested parties, including architects, designers, implementers, providers, and consumers of enterprise key management services. Contact member-services@oasis-open.org for more information on joining the TC.


Overview

The OASIS KMIP TC works to define a single, comprehensive protocol for communication between encryption systems and a broad range of new and legacy enterprise applications, including email, databases, and storage devices. By removing redundant, incompatible key management processes, KMIP will provide better data security while at the same time reducing expenditures on multiple products.

For more information, see the TC Charter and FAQ.


Subcommittees

KMIP Interoperability Subcommittee


Standing Rules

The OASIS KMIP TC has instituted the following standing rules:

  • The KMIP TC is to be represented at an interoperability event by KMIP TC voting member organisations.
  • At an Interoperability Event, interoperability between implementations needs to be proven to the satisfaction of the participants, well ahead of any demonstration commencing.
  • In order for the KMIP TC to accept a Statement of Use, the submitting member needs to have participated in a plugfest or interop test for that version of the specification. This applies for KMIP v1.3 onward.


Technical Work Produced by the Committee

Currently Drafting - KMIP V2.0

Currently Testing - KMIP V1.4 & V2.0

Current Published Version - KMIP V1.4

The KMIP documents are available at the following locations:

  • KMIP Specification V1.4 (OASIS Standard) html
  • KMIP Profiles V1.4 (OASIS Standard) pdf html
  • KMIP Usage Guide V1.4 (Committee Note) pdf html
  • KMIP Test Cases V1.4 (Committee Note) pdf html

The KMIP Technical Committee maintains a Wiki here.


Expository Work Produced by the Committee


External Resources

Although not produced by the OASIS KMIP TC, the following information offers useful insights into its work:

GNC article: "The rising danger to data is making KMIP important", 2013 Jun 27

Cover Pages News Story on KMIP
Cover Pages Report on Cryptographic Key Management


Mailing Lists and Comments

kmip: the list used by TC members to conduct Committee work. TC membership is required to post. TC members are automatically subscribed; the public may view archives.

kmip-comment: a public mail list for providing input to the OASIS KMIP TC members. Send a comment or view archives.


Press Coverage and Commentary


Additional Information


Providing Feedback: OASIS welcomes feedback on its technical activities from potential users, developers, and others to better assure the interoperability and quality of OASIS work.