Two Committee Specifications published by the KMIP TC: KMIP Specification V1.3 and KMIP Profiles V1.3

OASIS is pleased to announce the approval and publication of two new Committee Specification by the members of the OASIS Key Management Interoperability Protocol (KMIP) TC:

Key Management Interoperability Protocol Specification Version 1.3
Committee Specification 01
28 July 2016

Key Management Interoperability Protocol Profiles Version 1.3
Committee Specification 01
28 July 2016

What is KMIP and why should I be interested?

The Key Management Interoperability Protocol (KMIP) is a single, comprehensive protocol for communication between clients that request any of a wide range of encryption keys and servers that store and manage those keys. By replacing redundant, incompatible key management protocols, KMIP provides better data security while at the same time reducing expenditures on multiple products.

KMIP v1.3 enhances the KMIP v1.2 standard by:

- defining new functionality in the protocol to improve interoperability;
- defining additional Test Cases for verifying and validating the new functionality;
- providing additional information in the KMIP Usage Guide to assist in effective implementation of KMIP in key management clients and servers; and
- defining new profiles for establishing KMIP-compliant implementations.

The KMIP Specification describes the protocol used for the communication between clients and servers to perform management operations on objects stored and maintained by a key management system. This includes symmetric and asymmetric cryptographic keys, digital certificates, and templates used to simplify the creation of objects and control their use.

The KMIP Profiles provide a selected set of base level conformance profiles and authentication suites; additional KMIP Profiles define specific sets of KMIP functionality for conformance purposes.

This is a final deliverable. Completed and approved by the TC, this OASIS Committee Specification is fully ready for implementation. If submitted for further ratification as an OASIS Standard, its content will not change.

About the TC:

The Key Management Interoperability Protocol (KMIP) is a single, comprehensive protocol for communication between clients that request any of a wide range of encryption keys and servers that store and manage those keys. By replacing redundant, incompatible key management protocols, KMIP provides better data security while at the same time reducing expenditures on multiple products.

URIs:
The prose specifications and related files are available here:

- Key Management Interoperability Protocol Specification Version 1.3

Editable source (Authoritative):
http://docs.oasis-open.org/kmip/spec/v1.3/cs01/kmip-spec-v1.3-cs01.docx

HTML:
http://docs.oasis-open.org/kmip/spec/v1.3/cs01/kmip-spec-v1.3-cs01.html

PDF:
http://docs.oasis-open.org/kmip/spec/v1.3/cs01/kmip-spec-v1.3-cs01.pdf

- Key Management Interoperability Protocol Profiles Version 1.3

Editable source (Authoritative):
http://docs.oasis-open.org/kmip/profiles/v1.3/cs01/kmip-profiles-v1.3-cs...

HTML:
http://docs.oasis-open.org/kmip/profiles/v1.3/cs01/kmip-profiles-v1.3-cs...

PDF:
http://docs.oasis-open.org/kmip/profiles/v1.3/cs01/kmip-profiles-v1.3-cs...

Test cases:
http://docs.oasis-open.org/kmip/profiles/v1.3/cs01/test-cases/kmip-v1.3/...
http://docs.oasis-open.org/kmip/profiles/v1.3/cs01/test-cases/kmip-v1.3/...

Distribution ZIP files

For your convenience, OASIS provides a complete package of each prose specification and related files in a ZIP distribution file. You can download the ZIP file here:

- Key Management Interoperability Protocol Specification Version 1.3: http://docs.oasis-open.org/kmip/spec/v1.3/cs01/kmip-spec-v1.3-cs01.zip

- Key Management Interoperability Protocol Profiles Version 1.3: http://docs.oasis-open.org/kmip/profiles/v1.3/cs01/kmip-profiles-v1.3-cs...

Members of the OASIS Key Management Interoperability Protocol (KMIP) TC [1] approved this specification by Special Majority Votes. The specifications had been released for public review as required by the TC Process [2]. The votes to approve as Committee Specifications passed [3], and the document are now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

========== Additional references:

[1] OASIS Key Management Interoperability Protocol (KMIP) TC
https://www.oasis-open.org/committees/kmip/

[2] Public reviews:
- Key Management Interoperability Protocol Specification Version 1.3
- 30-day public review, 17 February 2016: https://lists.oasis-open.org/archives/members/201602/msg00002.html
- Comment resolution log: http://docs.oasis-open.org/kmip/spec/v1.3/csprd01/kmip-spec-v1.3-csprd01...

- Key Management Interoperability Protocol Profiles Version 1.3
- 30-day public review, 17 May 2016: https://lists.oasis-open.org/archives/members/201605/msg00003.html
- Comment resolution log: http://docs.oasis-open.org/kmip/profiles/v1.3/csprd01/kmip-profiles-v1.3...

[3] Approval ballots:
- Key Management Interoperability Protocol Specification Version 1.3: https://www.oasis-open.org/committees/ballot.php?id=2952

- Key Management Interoperability Protocol Profiles Version 1.3: https://www.oasis-open.org/committees/ballot.php?id=2951

Associated TC: 
Key Management Interoperability Protocol (KMIP)
Associated MS: 
IDtrust