OASIS Key Management Interoperability Protocol (KMIP) TC

Join TC     TC Page     Send a comment to this TC

Advancing interoperability standard for enterprise encryption key management

Tony Cox, tony.cox@cryptsoft.com, Chair
Saikat Saha, saikat.saha@oracle.com, Chair
Robert Lockhart, Robert.Lockhart@thalesesec.com, Secretary

Table of Contents


KMIP Specification v1.3 and KMIP Profiles v1.3 are now Candidate OASIS Standards. The specifications have entered their pre-standard vote review period that ends December 12, 2016. For details, see the announcement at https://www.oasis-open.org/news/announcements/60-day-public-review-for-kmip-specification-v1-3-and-kmip-profiles-v1-3-ends-dec-.

OASIS Press Release: Latest advances in OASIS KMIP and PKCS #11 Encryption and Cryptographic Token Interface Standards Demonstrated by Twelve Companies at RSA 2016: Interoperability Between Cryptosense, Cryptsoft, Feitian, Fornetix, Hewlett Packard Enterprise (HPE), IBM, Oracle, P6R, Quintessence Labs, SafeNet, Townsend Security, and Utimaco Products on Display; 29 Feb 2016

After five years of leadership and contribution as co-chair of KMIP Technical Committee (TC), Subhash Sankuratripati has departed to new endeavors. During his tenure as co-chair, KMIP TC has achieved several notable milestones including:

  • Publishing the KMIP 1.0, 1.1 and 1.2 specifications
  • Raising industry awareness of KMIP through industry forums and presentations
  • Successful completion of multiple interoperability tests against the KMIP specifications for both members and non-Members of the KMIP TC alike

Subhash's moderation of weekly KMIP TC meetings and tirelesss work with OASIS staff to ensure proper procedures were maintained including the re-charter of OASIS KMIP TC will be sorely missed by all committee members.

The KMIP TC would like to publicly recognize the huge contributions Subhash has provided during his tenure. We would like to say a hearty thank you and best wishes on your new endeavors Subhash!

KMIP won the 2014 Open Standards Cup in the Outstanding New Technical Committee category. Congratulations!

Eleven Companies Demo Interoperability for KMIP and PKCS #11 OASIS Standards at RSA Conference 2014: Cryptosense, Cryptsoft, Dell, Feitian, HP, IBM, P6R, Oracle, SafeNet, Thales e-Security, and Vormetric Show Support for Key Management and Cryptographic Token Interface Standards; 24 Feb 2014

The KMIP TC began operating under a new charter in Oct 2013.

KMIP TC members have honored OASIS Distinguished Contributor, Bob Griffin of EMC, with the title of Chair Emeritus.

In the GNC article, "The rising danger to data is making KMIP important", author William Jackson writes, "The need to protect data at rest is expanding the use of encryption for storage systems, and the movement of data to the cloud is pointing up the need for a standardized way to manage encryption keys across diverse infrastructures. KMIP is emerging as the standard for this job, with vendors beginning to incorporate KMIP in their products and customers making plans to use it."

Participation in the OASIS KMIP TC is open to all interested parties, including architects, designers, implementers, providers, and consumers of enterprise key management services. Contact member-services@oasis-open.org for more information on joining the TC.


The OASIS KMIP TC works to define a single, comprehensive protocol for communication between encryption systems and a broad range of new and legacy enterprise applications, including email, databases, and storage devices. By removing redundant, incompatible key management processes, KMIP will provide better data security while at the same time reducing expenditures on multiple products.

For more information, see the TC Charter and FAQ.


KMIP Interoperability Subcommittee

Standing Rules

The OASIS KMIP TC has instituted the following standing rules:

  • The KMIP TC is to be represented at an interoperability event by KMIP TC voting member organisations.
  • At an Interoperability Event, interoperability between implementations needs to be proven to the satisfaction of the participants, well ahead of any demonstration commencing.
  • In order for the KMIP TC to accept a Statement of Use, the submitting member needs to have participated in a plugfest or interop test for that version of the specification. This applies for KMIP v1.3 onward.

Technical Work Produced by the Committee

The KMIP V1.2 documents are available at the following locations: KMIP V1.2 Specification (OASIS Standard) pdf html KMIP V1.2 Profiles (OASIS Standard) pdf html KMIP V1.2 Profiles Documents (OASIS Standards) -Additional Message Encodings Profile v1.0 pdf html -Assymentric Key Lifecycle Profile v1.0 pdf html -Cryptographic Services Profile v1.0 pdf html -Opaque Managed Object Store Profile v1.0 pdf html -Storage Array with Self-Encrypting Drives Profile v1.0 pdf html -Suite B Profile v1.0 pdf html -Symmetric Key Foundry for FIPS 140-2 Profile v1.0 pdf html -Symmetric Key Lifecycle Profile v1.0 pdf html -Tape Library Profile v1.0 pdf html KMIP V1.2 Usage Guide (Committee Note) pdf html KMIP V1.2 Test Cases (Committee Note) pdf html

The KMIP V1.1 documents are available at the following locations: KMIP V1.1 Specification (OASIS Standard) pdf html KMIP V1.1 Profiles (OASIS Standard) pdf html KMIP V1.1 Usage Guide (Committee Note) pdf html KMIP V1.1 Test Cases (Committee Note) pdf html

The KMIP V1.0 documents are available at the following locations: KMIP V1.0 Specification: pdf html doc KMIP V1.0 Profiles doc html pdf KMIP V1.0 Usage Guide (Committee Note) doc KMIP V1.0 Use Cases (Committee Note) doc

The KMIP Technical Committee maintains a Wiki here.

Expository Work Produced by the Committee

External Resources

Although not produced by the OASIS KMIP TC, the following information offers useful insights into its work:

GNC article: "The rising danger to data is making KMIP important", 2013 Jun 27

Cover Pages News Story on KMIP
Cover Pages Report on Cryptographic Key Management

Mailing Lists and Comments

kmip: the list used by TC members to conduct Committee work. TC membership is required to post. TC members are automatically subscribed; the public may view archives.

kmip-comment: a public mail list for providing input to the OASIS KMIP TC members. Send a comment or view archives.

Press Coverage and Commentary

Additional Information

Providing Feedback: OASIS welcomes feedback on its technical activities from potential users, developers, and others to better assure the interoperability and quality of OASIS work.