OASIS Key Management Interoperability Protocol (KMIP) TC

Join TC     TC Page     Send a comment to this TC

Advancing interoperability standards for enterprise encryption key management

Judith Furlong, Judith.Furlong@dell.com, Chair
Greg Scott, greg.scott@cryptsoft.com, Chair
Jeff Bartell, Secretary

Table of Contents

Announcements

The Key Management Interoperability Protocol Specification Version 2.1 and Key Management Interoperability Protocol Profiles Version 2.1 are now OASIS Standards. For details, see the announcement.

Key Management Interoperability Protocol Specification Version 2.1 and Key Management Interoperability Protocol Profiles Version 2.1KMIP Test Cases v2.1 and KMIP Usage Guide v2.1 are published as Committee Notes. For details, see the CS announcement here and the CN announcement here.

Key Management Interoperability Protocol Specification Version 2.1 and Key Management Interoperability Protocol Profiles Version 2.1 are presented for review and comment through 13 March 2020. For details, see the announcement.

The Key Management Interoperability Protocol Specification Version 2.0 and Key Management Interoperability Protocol Profiles Version 2.0 are now OASIS Standards. For details, see the announcement.

Key Management Interoperability Protocol Specification Version 1.4 Errata 01 has been released. https://www.oasis-open.org/news/announcements/kmip-specification-v2-0-and-kmip-profiles-v2-0-from-kmip-tc-approved-as-committee.

OASIS Awards 2018 Open Standards Cup to KMIP for Key Management Security and SARIF for Static Analysis Tools; 20 Aug 2018

Latest Advances in OASIS KMIP and PKCS #11 Encryption and Cryptographic Standards Demonstrated by 10 Companies at RSA Conference 2018: Cryptsoft, Fornetix, IBM Security, Kryptus, Micro Focus, P6R, Quintessence Labs, Thales eSecurity, Unbound Tech, and Utimaco Demo KMIP Interoperability and/or PKCS #11 Support; 16 April 2018

In memory of Bob Lockhart - The KMIP TC recognizes the contributions of Bob Lockhart as a founding member of the KMIP Technical Committee, a driving force in the global cryptography and key management industry, a contributor of great knowledge, experience and humor and a danger to coffee beans everywhere. The members of the KMIP Technical Committee honor his legacy by continuing the work he so passionately believed in.

KMIP Specification v1.4 and KMIP Profiles v1.4 become OASIS Standards. OASIS is pleased to announce that Key Management Interoperability Protocol Specification Version 1.4 and Key Management Interoperability Protocol Profiles Version 1.4 have been approved by the membership as OASIS Standards 27 Nov 2017.

Participation in the OASIS KMIP TC is open to all interested parties, including architects, designers, implementers, providers, and consumers of enterprise key management services. Contact member-services@oasis-open.org for more information on joining the TC.

Overview

The OASIS KMIP TC works to define a single, comprehensive protocol for communication between encryption systems and a broad range of new and legacy enterprise applications, including email, databases, and storage devices. By removing redundant, incompatible key management processes, KMIP will provide better data security while at the same time reducing expenditures on multiple products.

For more information, see the TC Charter and FAQ.

Subcommittees

KMIP Interoperability Subcommittee

Standing Rules

The OASIS KMIP TC has instituted the following standing rules:

  • The KMIP TC is to be represented at an interoperability event by KMIP TC voting member organisations.
  • At an Interoperability Event, interoperability between implementations needs to be proven to the satisfaction of the participants, well ahead of any demonstration commencing.
  • In order for the KMIP TC to accept a Statement of Use, the submitting member needs to have participated in a plugfest or interop test for that version of the specification. This applies for KMIP v1.3 onward.

Technical Work Produced by the Committee

The KMIP documents are available at the following locations:

  • Key Management Interoperability Protocol Specification Version 2.1 (OASIS Standard) HTML
  • Key Management Interoperability Protocol Profiles Version 2.1 (OASIS Standard) HTML
  • Key Management Interoperability Protocol Specification Version 2.1 (Committee Specification) HTML
  • Key Management Interoperability Protocol Profiles Version 2.1 (Committee Specification) HTML
  • Key Management Interoperability Protocol Test Cases Version 2.1 (Committee Note) HTML
  • Key Management Interoperability Protocol Usage Guide Version 2.1 (Committee Note) HTML
  • KMIP Specification V2.0 (OASIS Standard) HTML
  • KMIP Profiles V2.0 (OASIS Standard) HTML
  • KMIP Test Cases v2.0 (Committee Note) pdf html
  • KMIP Usage Guide V2.0 (Committee Note) pdf html

The KMIP Technical Committee maintains a Wiki here.

Expository Work Produced by the Committee

External Resources

Although not produced by the OASIS KMIP TC, the following information offers useful insights into its work:

GNC article: "The rising danger to data is making KMIP important", 2013 Jun 27

Cover Pages News Story on KMIP
Cover Pages Report on Cryptographic Key Management

Mailing Lists and Comments

kmip: the list used by TC members to conduct Committee work. TC membership is required to post. TC members are automatically subscribed; the public may view archives.

kmip-comment: a public mail list for providing input to the OASIS KMIP TC members. Send a comment or view archives.

Press Coverage and Commentary

Additional Information

Providing Feedback: OASIS welcomes feedback on its technical activities from potential users, developers, and others to better assure the interoperability and quality of OASIS work.