OASIS Key Management Interoperability Protocol (KMIP) TC

Join TC     TC Page     Send a comment to this TC

Advancing interoperability standard for enterprise encryption key management

Tony Cox, tony.cox@cryptsoft.com, Chair
Saikat Saha, saikat.saha@oracle.com, Chair
Robert Lockhart, Robert.Lockhart@thalesesec.com, Secretary

Table of Contents

Announcements

RSA 2017 Features Huge Demonstration of Support for Cyber Threat Intelligence, Encryption, and Cryptography Standards as 24 OASIS Member Companies Collaborate. Cryptsoft, Feitan, Fornetix, Hancom Secure, Hewlett Packard Enterprise (HPE), IBM, Kryptus, Oracle, Quintessence Labs, SafeNet, Utimaco, and Watchdata Demo KMIP Interoperability and/or PKCS #11 Support. 13 Feb 2017.

Participation in the OASIS KMIP TC is open to all interested parties, including architects, designers, implementers, providers, and consumers of enterprise key management services. Contact member-services@oasis-open.org for more information on joining the TC.


Overview

The OASIS KMIP TC works to define a single, comprehensive protocol for communication between encryption systems and a broad range of new and legacy enterprise applications, including email, databases, and storage devices. By removing redundant, incompatible key management processes, KMIP will provide better data security while at the same time reducing expenditures on multiple products.

For more information, see the TC Charter and FAQ.


Subcommittees

KMIP Interoperability Subcommittee


Standing Rules

The OASIS KMIP TC has instituted the following standing rules:

  • The KMIP TC is to be represented at an interoperability event by KMIP TC voting member organisations.
  • At an Interoperability Event, interoperability between implementations needs to be proven to the satisfaction of the participants, well ahead of any demonstration commencing.
  • In order for the KMIP TC to accept a Statement of Use, the submitting member needs to have participated in a plugfest or interop test for that version of the specification. This applies for KMIP v1.3 onward.


Technical Work Produced by the Committee

The KMIP V1.2 documents are available at the following locations: KMIP V1.2 Specification (OASIS Standard) pdf html KMIP V1.2 Profiles (OASIS Standard) pdf html KMIP V1.2 Profiles Documents (OASIS Standards) -Additional Message Encodings Profile v1.0 pdf html -Assymentric Key Lifecycle Profile v1.0 pdf html -Cryptographic Services Profile v1.0 pdf html -Opaque Managed Object Store Profile v1.0 pdf html -Storage Array with Self-Encrypting Drives Profile v1.0 pdf html -Suite B Profile v1.0 pdf html -Symmetric Key Foundry for FIPS 140-2 Profile v1.0 pdf html -Symmetric Key Lifecycle Profile v1.0 pdf html -Tape Library Profile v1.0 pdf html KMIP V1.2 Usage Guide (Committee Note) pdf html KMIP V1.2 Test Cases (Committee Note) pdf html

The KMIP V1.1 documents are available at the following locations: KMIP V1.1 Specification (OASIS Standard) pdf html KMIP V1.1 Profiles (OASIS Standard) pdf html KMIP V1.1 Usage Guide (Committee Note) pdf html KMIP V1.1 Test Cases (Committee Note) pdf html

The KMIP V1.0 documents are available at the following locations: KMIP V1.0 Specification: pdf html doc KMIP V1.0 Profiles doc html pdf KMIP V1.0 Usage Guide (Committee Note) doc KMIP V1.0 Use Cases (Committee Note) doc

The KMIP Technical Committee maintains a Wiki here.


Expository Work Produced by the Committee


External Resources

Although not produced by the OASIS KMIP TC, the following information offers useful insights into its work:

GNC article: "The rising danger to data is making KMIP important", 2013 Jun 27

Cover Pages News Story on KMIP
Cover Pages Report on Cryptographic Key Management


Mailing Lists and Comments

kmip: the list used by TC members to conduct Committee work. TC membership is required to post. TC members are automatically subscribed; the public may view archives.

kmip-comment: a public mail list for providing input to the OASIS KMIP TC members. Send a comment or view archives.


Press Coverage and Commentary


Additional Information


Providing Feedback: OASIS welcomes feedback on its technical activities from potential users, developers, and others to better assure the interoperability and quality of OASIS work.