OASIS PKCS 11 TC
Enhancing PKCS #11 standard for cryptographic tokens controlling authentication information (personal identity, cryptographic keys, certificates, digital signatures, biometric data)
Table of Contents
- TC Liaisons
- Technical Work Produced by the Committee
- Expository Work Produced by the Committee
- External Resources
- Mailing Lists and Comments
- Press Coverage and Commentary
- Additional Information
OASIS Press Release: Twelve Companies Demonstrate Interoperability for OASIS KMIP and PKCS #11 Encryption and Cryptographic Token Interface Standards at RSA 2015: Cryptosense, Cryptsoft, Dell, Feitian, Fornetix, HP, IBM, Oracle, P6R, Thales, Utimaco, and Vormetric Collaborate to Prove Multi-Vendor Interoperability; 21 Apr 2015
Valerie Fenwick and Bob Griffin make the case for approving PKCS #11 package as OASIS Standards in this video.
The OASIS PKCS 11 Technical Committee develops enhancements to improve the PKCS #11 standard for ease of use in code libraries, open source applications, wrappers, and enterprise/COTS products: implementation guidelines, usage tutorials, test scenarios and test suites, interoperability testing, coordination of functional testing, development of conformance profiles, and providing reference implementations.
The updated standard provides additional support for mobile and cloud computing use cases: for distributed/federated applications involving key management functions (key generation, distribution, translation, escrow, re-keying); session-based models; virtual devices and virtual keystores; evolving wireless/sensor applications using near field communication (NFC), RFID, Bluetooth, and Wi-Fi.
TC members are also designing new mechanisms for API instrumentation, suitable for use in prototyping, profiling, and testing in resource-constrained application environments. These updates enable support for easy integration of PKCS #11 with other cryptographic key management system (CKMS) standards, including a broader range of cryptographic algorithms and CKMS cryptographic service models.
For more information on the PKCS 11 TC, see the TC Charter.
No subcommittees have been formed for this TC.
Tim Hudson (Cryptsoft) has been appointed by the PKCS 11 TC as liaison to the OASIS KMIP TC.
PKCS #11 V2.40
The latest documents for PKCS #11 V2.40 are in "Committee Specification" status, and have completed their public review of their drafts in the summer of 2014. The documents are now in Committee Specification status and approaching final public review as of December 2014. This draft builds on the foundation of PKCS #11 V2.30, and is backwards compatible to PKCS #11 V2.20.
External resources have not yet been identified.
- OASIS Press Release: Twelve Companies Demonstrate Interoperability for OASIS KMIP and PKCS #11 Encryption and Cryptographic Token Interface Standards at RSA 2015: Cryptosense, Cryptsoft, Dell, Feitian, Fornetix, HP, IBM, Oracle, P6R, Thales, Utimaco, and Vormetric Collaborate to Prove Multi-Vendor Interoperability; 21 Apr 2015
- Eleven Companies Demo Interoperability for KMIP and PKCS #11 OASIS Standards at RSA Conference 2014: Cryptosense, Cryptsoft, Dell, Feitian, HP, IBM, P6R, Oracle, SafeNet, Thales e-Security, and Vormetric Show Support for Key Management and Cryptographic Token Interface Standards; 24 Feb 2014
- "OASIS Enhances Popular Public-Key Cryptography Standard, PKCS #11, for Mobile and Cloud", 26 March 2013
Providing Feedback: OASIS welcomes feedback on its technical activities from potential users, developers, and others to better assure the interoperability and quality of OASIS work.