30-day Public Reviews for 12 #KMIP Committee Specification Drafts and 2 KMIP Committee Note Drafts
The OASIS Key Management Interoperability Protocol (KMIP) TC [1] members have recently approved 10 Committee Specification Drafts (CSD) and 2 Committee Note Drafts and submitted them for 30-day public review:
Key Management Interoperability Protocol Specification Version 1.2
Committee Specification Draft 01 / Public Review Draft 01
09 January 2014
KMIP Tape Library Profile Version 1.0
Committee Specification Draft 01 / Public Review Draft 01
09 January 2014
KMIP Symmetric Key Lifecycle Profile Version 1.0
Committee Specification Draft 01 / Public Review Draft 01
09 January 2014
KMIP Symmetric Key Foundry for FIPS 140-2 Profile Version 1.0
Committee Specification Draft 01 / Public Review Draft 01
09 January 2014
KMIP Suite B Profile Version 1.0
Committee Specification Draft 01 / Public Review Draft 01
09 January 2014
KMIP Storage Array with Self-Encrypting Drives Profile Version 1.0
Committee Specification Draft 01 / Public Review Draft 01
09 January 2014
KMIP Opaque Managed Object Store Profile Version 1.0
Committee Specification Draft 01 / Public Review Draft 01
09 January 2014
KMIP Cryptographic Services Profile Version 1.0
Committee Specification Draft 01 / Public Review Draft 01
09 January 2014
KMIP Asymmetric Key Lifecycle Profile Version 1.0
Committee Specification Draft 01 / Public Review Draft 01
09 January 2014
KMIP Additional Message Encodings Version 1.0
Committee Specification Draft 01 / Public Review Draft 01
09 January 2014
Key Management Interoperability Protocol Usage Guide Version 1.2
Committee Note Draft 01 / Public Review Draft 01
09 January 2014
Key Management Interoperability Protocol Test Cases Version 1.2
Committee Note Draft 01 / Public Review Draft 01
09 January 2014
Specification Overview:
KMIP v1.2 enhances the KMIP v1.1 standard (established in February 2013) by
1) defining new functionality in the protocol to improve interoperability;
2) defining additional Test Cases for verifying and validating the new functionality;
3) providing additional information in the KMIP Usage Guide to assist in effective implementation of KMIP in key management clients and servers; and
4) defining new profiles for establishing KMIP-compliant implementations.
The Key Management Interoperability Protocol (KMIP) is a single, comprehensive protocol for communication between clients that request any of a wide range of encryption keys and servers that store and manage those keys. By replacing redundant, incompatible key management protocols, KMIP provides better data security while at the same time reducing expenditures on multiple products.
These documents are intended for developers and architects who wish to design systems and applications that interoperate using the Key Management Interoperability Protocol Specification.
– Key Management Interoperability Protocol Specification Version 1.2 provides the core specification.
– KMIP Tape Library Profile Version 1.0 describes a profile for Tape Libraries as KMIP clients interacting with KMIP servers.
– KMIP Symmetric Key Lifecycle Profile Version 1.0 describes a profile for a KMIP server performing symmetric key lifecycle operations based on requests received from a KMIP client.
– KMIP Symmetric Key Foundry for FIPS 140-2 Profile Version 1.0 describes a profile for a KMIP server creating FIPS140-2 approved symmetric key algorithms based on requests received from a KMIP client.
– KMIP Suite B Profile Version 1.0 describes a profile for KMIP clients and KMIP servers using Suite B cryptography that has been approved by NIST for use by the U.S. Government and specified in NIST standards or recommendations.
– KMIP Storage Array with Self-Encrypting Drives Profile Version 1.0 describes a profile for Storage Arrays with Self-Encrypting Drives as KMIP clients interacting with KMIP servers.
– KMIP Opaque Managed Object Store Profile Version 1.0 describes a profile for a KMIP server performing opaque managed object storage operations based on requests received from a KMIP client.
– KMIP Cryptographic Services Profile Version 1.0 describes the use of KMIP operations to support cryptographic services being performed by a KMIP server on behalf of a KMIP client for key management operations.
– KMIP Asymmetric Key Lifecycle Profile Version 1.0 describes a profile for a KMIP server performing asymmetric key lifecycle operations based on requests received from a KMIP client.
– KMIP Additional Message Encodings Version 1.0 describes additional (optional) message encodings as an alternative to the (mandatory) raw TTLV encoding including: HTTP, JSON, and XML.
– Key Management Interoperability Protocol Usage Guide Version 1.2 is intended to complement the Key Management Interoperability Protocol Specification by providing guidance on how to implement KMIP most effectively to ensure interoperability and to address key management usage scenarios.
– Key Management Interoperability Protocol Test Cases Version 1.2 is intended for developers and architects who wish to design systems and applications that interoperate using the Key Management Interoperability Protocol specification.
Public Review Period:
The public review starts 19 February 2014 at 00:00 GMT and ends 20 March 2014 at 23:59 GMT.
This is an open invitation to comment. OASIS solicits feedback from potential users, developers and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.
URIs:
The prose specification documents and related files are available here:
– Key Management Interoperability Protocol Specification Version 1.2
Editable Source (Authoritative):
http://docs.oasis-open.org/kmip/spec/v1.2/csprd01/kmip-spec-v1.2-csprd01.doc
HTML:
http://docs.oasis-open.org/kmip/spec/v1.2/csprd01/kmip-spec-v1.2-csprd01.html
PDF:
http://docs.oasis-open.org/kmip/spec/v1.2/csprd01/kmip-spec-v1.2-csprd01.pdf
– KMIP Tape Library Profile Version 1.0
Editable Source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-tape-lib-profile/v1.0/csprd01/kmip-tape-lib-profile-v1.0-csprd01.doc
– KMIP Symmetric Key Lifecycle Profile Version 1.0
Editable Source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-sym-key-profile/v1.0/csprd01/kmip-sym-key-profile-v1.0-csprd01.doc
– KMIP Symmetric Key Foundry for FIPS 140-2 Profile Version 1.0
Editable Source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-sym-foundry-profile/v1.0/csprd01/kmip-sym-foundry-profile-v1.0-csprd01.doc
– KMIP Suite B Profile Version 1.0
Editable Source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-suite-b-profile/v1.0/csprd01/kmip-suite-b-profile-v1.0-csprd01.doc
– KMIP Storage Array with Self-Encrypting Drives Profile Version 1.0
Editable Source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-sa-sed-profile/v1.0/csprd01/kmip-sa-sed-profile-v1.0-csprd01.doc
– KMIP Opaque Managed Object Store Profile Version 1.0
Editable Source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-opaque-obj-profile/v1.0/csprd01/kmip-opaque-obj-profile-v1.0-csprd01.doc
– KMIP Cryptographic Services Profile Version 1.0
Editable Source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-cs-profile/v1.0/csprd01/kmip-cs-profile-v1.0-csprd01.doc
HTML:
http://docs.oasis-open.org/kmip/kmip-cs-profile/v1.0/csprd01/kmip-cs-profile-v1.0-csprd01.html
PDF:
http://docs.oasis-open.org/kmip/kmip-cs-profile/v1.0/csprd01/kmip-cs-profile-v1.0-csprd01.pdf
– KMIP Asymmetric Key Lifecycle Profile Version 1.0
Editable Source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-asym-key-profile/v1.0/csprd01/kmip-asym-key-profile-v1.0-csprd01.doc
– KMIP Additional Message Encodings Version 1.0
Editable Source (Authoritative):
http://docs.oasis-open.org/kmip/kmip-addtl-msg-enc/v1.0/csprd01/kmip-addtl-msg-enc-v1.0-csprd01.doc
HTML:
http://docs.oasis-open.org/kmip/kmip-addtl-msg-enc/v1.0/csprd01/kmip-addtl-msg-enc-v1.0-csprd01.html
PDF:
http://docs.oasis-open.org/kmip/kmip-addtl-msg-enc/v1.0/csprd01/kmip-addtl-msg-enc-v1.0-csprd01.pdf
– Key Management Interoperability Protocol Usage Guide Version 1.2
Editable Source (Authoritative):
http://docs.oasis-open.org/kmip/ug/v1.2/cnprd01/kmip-ug-v1.2-cnprd01.doc
HTML:
http://docs.oasis-open.org/kmip/ug/v1.2/cnprd01/kmip-ug-v1.2-cnprd01.html
PDF:
http://docs.oasis-open.org/kmip/ug/v1.2/cnprd01/kmip-ug-v1.2-cnprd01.pdf
– Key Management Interoperability Protocol Test Cases Version 1.2
Editable Source (Authoritative):
http://docs.oasis-open.org/kmip/testcases/v1.2/cnprd01/kmip-testcases-v1.2-cnprd01.doc
HTML:
http://docs.oasis-open.org/kmip/testcases/v1.2/cnprd01/kmip-testcases-v1.2-cnprd01.html
PDF:
http://docs.oasis-open.org/kmip/testcases/v1.2/cnprd01/kmip-testcases-v1.2-cnprd01.pdf
ZIP distribution file (complete):
For your convenience, OASIS provides complete packages of the prose specifications and related files in ZIP distribution files. You can download these ZIP files here:
– Key Management Interoperability Protocol Specification Version 1.2
http://docs.oasis-open.org/kmip/spec/v1.2/csprd01/kmip-spec-v1.2-csprd01.zip
– KMIP Tape Library Profile Version 1.0
http://docs.oasis-open.org/kmip/kmip-tape-lib-profile/v1.0/csprd01/kmip-tape-lib-profile-v1.0-csprd01.zip
– KMIP Symmetric Key Lifecycle Profile Version 1.0
http://docs.oasis-open.org/kmip/kmip-sym-key-profile/v1.0/csprd01/kmip-sym-key-profile-v1.0-csprd01.zip
– KMIP Symmetric Key Foundry for FIPS 140-2 Profile Version 1.0
http://docs.oasis-open.org/kmip/kmip-sym-foundry-profile/v1.0/csprd01/kmip-sym-foundry-profile-v1.0-csprd01.zip
– KMIP Suite B Profile Version 1.0
http://docs.oasis-open.org/kmip/kmip-suite-b-profile/v1.0/csprd01/kmip-suite-b-profile-v1.0-csprd01.zip
– KMIP Storage Array with Self-Encrypting Drives Profile Version 1.0
http://docs.oasis-open.org/kmip/kmip-sa-sed-profile/v1.0/csprd01/kmip-sa-sed-profile-v1.0-csprd01.zip
– KMIP Opaque Managed Object Store Profile Version 1.0
http://docs.oasis-open.org/kmip/kmip-opaque-obj-profile/v1.0/csprd01/kmip-opaque-obj-profile-v1.0-csprd01.zip
– KMIP Cryptographic Services Profile Version 1.0
http://docs.oasis-open.org/kmip/kmip-cs-profile/v1.0/csprd01/kmip-cs-profile-v1.0-csprd01.zip
– KMIP Asymmetric Key Lifecycle Profile Version 1.0
http://docs.oasis-open.org/kmip/kmip-asym-key-profile/v1.0/csprd01/kmip-asym-key-profile-v1.0-csprd01.zip
– KMIP Additional Message Encodings Version 1.0
http://docs.oasis-open.org/kmip/kmip-addtl-msg-enc/v1.0/csprd01/kmip-addtl-msg-enc-v1.0-csprd01.zip
– Key Management Interoperability Protocol Usage Guide Version 1.2
http://docs.oasis-open.org/kmip/ug/v1.2/cnprd01/kmip-ug-v1.2-cnprd01.zip
– Key Management Interoperability Protocol Test Cases Version 1.2
http://docs.oasis-open.org/kmip/testcases/v1.2/cnprd01/kmip-testcases-v1.2-cnprd01.zip
Additional information about the specification and the OASIS Key Management Interoperability Protocol (KMIP) TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/kmip/
Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page, or directly at:
https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=kmip
Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/kmip-comment/
All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with these public reviews of 10 KMIP Committee Specification Drafts and 2 Committee Note Drafts, we call your attention to the OASIS IPR Policy [2] applicable especially [3] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.
OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.
========== Additional references:
[1] OASIS Key Management Interoperability Protocol (KMIP) TC
http://www.oasis-open.org/committees/kmip/
[2] http://www.oasis-open.org/who/intellectualproperty.php
[3] http://www.oasis-open.org/committees/kmip/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr#s10.2.2
RF on RAND Mode