Key Management Interoperability Protocol Usage Guide Version 1.2


Committee Note Draft 02 / Public Review Draft 02

19 June 2014

Specification URIs
This version:
http://docs.oasis-open.org/kmip/ug/v1.2/cnprd02/kmip-ug-v1.2-cnprd02.doc (Authoritative)
http://docs.oasis-open.org/kmip/ug/v1.2/cnprd02/kmip-ug-v1.2-cnprd02.html
http://docs.oasis-open.org/kmip/ug/v1.2/cnprd02/kmip-ug-v1.2-cnprd02.pdf
Previous version:
http://docs.oasis-open.org/kmip/ug/v1.2/cnprd01/kmip-ug-v1.2-cnprd01.doc (Authoritative)
http://docs.oasis-open.org/kmip/ug/v1.2/cnprd01/kmip-ug-v1.2-cnprd01.html
http://docs.oasis-open.org/kmip/ug/v1.2/cnprd01/kmip-ug-v1.2-cnprd01.pdf
Latest version:
http://docs.oasis-open.org/kmip/ug/v1.2/kmip-ug-v1.2.doc (Authoritative)
http://docs.oasis-open.org/kmip/ug/v1.2/kmip-ug-v1.2.html
http://docs.oasis-open.org/kmip/ug/v1.2/kmip-ug-v1.2.pdf

Technical Committee:
OASIS Key Management Interoperability Protocol (KMIP) TC

Chairs:
Subhash Sankuratripati, NetApp
Saikat Saha, Oracle

Editors:
Indra Fitzgerald, HP
Judith Furlong, EMC Corporation

Related work:
This document replaces or supersedes:

- Key Management Interoperability Protocol Usage Guide Version 1.1. Edited by Indra Fitzgerald and Robert Griffin. Latest version: http://docs.oasis-open.org/kmip/ug/v1.1/kmip-ug-v1.1.html.

This document is related to:
- Key Management Interoperability Protocol Specification Version 1.2. Edited by Kiran Thota and Kelley Burgin. Latest version: http://docs.oasis-open.org/kmip/spec/v1.2/kmip-spec-v1.2.html.
- Key Management Interoperability Protocol Profiles Version 1.2. Edited by Tim Hudson and Robert Lockhart. Latest version: http://docs.oasis-open.org/kmip/profiles/v1.2/kmip-profiles-v1.2.html.
- Key Management Interoperability Protocol Test Cases Version 1.2. Edited by Tim Hudson and Faisal Faruqui. Latest version: http://docs.oasis-open.org/kmip/testcases/v1.2/kmip-testcases-v1.2.html.

Abstract:
This document is intended to complement the Key Management Interoperability Protocol Specification by providing guidance on how to implement KMIP most effectively to ensure interoperability and to address key management usage scenarios. KMIP v1.2 enhances the KMIP v1.1 standard (established in February 2013) by 1) defining new functionality in the protocol to improve interoperability; 2) defining additional Test Cases for verifying and validating the new functionality; 3) providing additional information in the KMIP Usage Guide to assist in effective implementation of KMIP in key management clients and servers; and 4) defining new profiles for establishing KMIP-compliant implementations.

The Key Management Interoperability Protocol (KMIP) is a single, comprehensive protocol for communication between clients that request any of a wide range of encryption keys and servers that store and manage those keys. By replacing redundant, incompatible key management protocols, KMIP provides better data security while at the same time reducing expenditures on multiple products.

Status:
This document was last revised or approved by the OASIS Key Management Interoperability Protocol (KMIP) TC on the above date. The level of approval is also listed above. Check the "Latest version" location noted above for possible later revisions of this document.

Technical Committee members should send comments on this document to the Technical Committee's email list. Others should send comments to the Technical Committee by using the "Send A Comment" button on the Technical Committee's web page at http://www.oasis-open.org/committees/kmip/.

Citation format:
When referencing this document the following citation format should be used:
[kmip-ug-v1.2] Key Management Interoperability Protocol Usage Guide Version 1.2. Edited by Indra Fitzgerald and Judith Furlong. 19 June 2014. OASIS Committee Note Draft 02 / Public Review Draft 02. http://docs.oasis-open.org/kmip/ug/v1.2/cnprd02/kmip-ug-v1.2-cnprd02.html. Latest version: http://docs.oasis-open.org/kmip/ug/v1.2/kmip-ug-v1.2.html.

kmip-ug-v1.2-cnprd02. This is a Non-Standards Track Work Product. The patent provisions of the OASIS IPR Policy do not apply. Copyright © OASIS Open 2014. All Rights Reserved.

Notices

Copyright © OASIS Open 2014. All Rights Reserved.

All capitalized terms in the following text have the meanings assigned to them in the OASIS Intellectual Property Rights Policy (the "OASIS IPR Policy"). The full Policy may be found at the OASIS website.

This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published, and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this section are included on all such copies and derivative works. However, this document itself may not be modified in any way, including by removing the copyright notice or references to OASIS, except as needed for the purpose of developing any document or deliverable produced by an OASIS Technical Committee (in which case the rules applicable to copyrights, as set forth in the OASIS IPR Policy, must be followed) or as required to translate it into languages other than English.

The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns.

This document and the information contained herein is provided on an "AS IS" basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY OWNERSHIP RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.


Table of Contents

1 Introduction
  1.1 References (normative)
  1.2 References (non-normative)
2 Assumptions
  2.1 Island of Trust
  2.2 Message Security
  2.3 State-less Server
  2.4 Extensible Protocol
  2.5 Server Policy
  2.6 Support for Cryptographic Objects
  2.7 Client-Server Message-based Model
  2.8 Synchronous and Asynchronous Operations
  2.9 Support for "Intelligent Clients" and "Key Using Devices"
  2.10 Batched Requests and Responses
  2.11 Reliable Message Delivery
  2.12 Large Responses
  2.13 Key Life-cycle and Key State
3 Using KMIP Functionality
  3.1 Authentication
    3.1.1 Credential
  3.2 Authorization for Revoke, Recover, Destroy and Archive Operations
  3.3 Using Notify and Put Operations
  3.4 Usage Allocation
  3.5 Key State and Times
  3.6 Template
    3.6.1 Template Usage Examples
  3.7 Archive Operations
  3.8 Message Extensions
  3.9 Unique Identifiers
  3.10 Result Message Text
  3.11 Query
  3.12 Canceling Asynchronous Operations
  3.13 Multi-instance Hash
  3.14 Returning Related Objects
  3.15 Reducing Multiple Requests through the Use of Batch
  3.16 Maximum Message Size
  3.17 Using Offset in Re-key and Re-certify Operations
  3.18 ID Placeholder
  3.19 Key Block
  3.20 Object Group
  3.21 Certify and Re-certify
  3.22 Specifying Attributes during a Create Key Pair or Re-key Key Pair Operation
    3.22.1 Example of Specifying Attributes during the Create Key Pair Operation
  3.23 Registering a Key Pair
  3.24 Non-Cryptographic Objects
  3.25 Asymmetric Concepts with Symmetric Keys
  3.26 Application Specific Information
  3.27 Mutating Attributes
  3.28 Revocation Reason Codes
  3.29 Certificate Renewal, Update, and Re-key
  3.30 Key Encoding
    3.30.1 Triple-DES Key Encoding
  3.31 Using the Same Asymmetric Key Pair in Multiple Algorithms
  3.32 Cryptographic Length of Asymmetric Keys
  3.33 Discover Versions
  3.34 Vendor Extensions
  3.35 Certificate Revocation Lists
  3.36 Using the "Raw" Key Format Type
  3.37 Use of Meta-Data Only (MDO) Keys
  3.38 Cryptographic Service
  3.39 Passing Attestation Data
  3.40 Split Key
  3.41 Compromised Objects
  3.42 Elliptic Curve Cryptography (ECC) Algorithm Mapping
4 Applying KMIP Functionality
  4.1 Locate Queries
  4.2 Using Wrapped Keys with KMIP
    4.2.1 Encrypt-only Example with a Symmetric Key as an Encryption Key for a Get Request and Response
    4.2.2 Encrypt-only Example with a Symmetric Key as an Encryption Key for a Register Request and Response
    4.2.3 Encrypt-only Example with an Asymmetric Key as an Encryption Key for a Get Request and Response
    4.2.4 MAC-only Example with an HMAC Key as an Authentication Key for a Get Request and Response
    4.2.5 Registering a Wrapped Key as an Opaque Cryptographic Object
    4.2.6 Encoding Option for Wrapped Keys
  4.3 Interoperable Key Naming for Tape
    4.3.1 Native Tape Encryption by a KMIP Client
  4.4 Query Extension Information
  4.5 Registering Extension Information
  4.6 Using KMIP for PGP Keys
  4.7 KMIP Client Registration Models
    4.7.1 Manual Client Registration
    4.7.2 Automated Client Registration
    4.7.3 Registering Sub-Clients Based on a Trusted Primary Client
5 Deprecated KMIP Functionality
  5.1 KMIP Deprecation Rule
  5.2 Certificate Attribute Related Fields
  5.3 PGP Certificate and Certificate Request Types
6 Implementation Conformance
Appendix A. Acknowledgements
Appendix B. Acronyms
Appendix C. Table of Figures and Tables
Appendix D. KMIP Specification Cross Reference
Appendix E. Revision History

1 Introduction

This Key Management Interoperability Protocol Usage Guide Version 1.2 is intended to complement the Key Management Interoperability Protocol Specification [KMIP-Spec] by providing guidance on how to implement the Key Management Interoperability Protocol (KMIP) most effectively to ensure interoperability and to address key management usage scenarios. In particular, it includes the following guidance:

- Clarification of assumptions and requirements that drive or influence the design of KMIP and the implementation of KMIP-compliant key management.
- Specific recommendations for implementation of particular KMIP functionality.
- Clarification of mandatory and optional capabilities for conformant implementations.
- Descriptions of how to use KMIP functionality to address specific key management usage scenarios or to solve key management related issues.

A selected set of conformance profiles and authentication suites are defined in the KMIP Profiles specification [KMIP-Prof]. Further assistance for implementing KMIP is provided by the KMIP Test Cases document [KMIP-TC] that describes a set of recommended test cases and provides the TTLV (Tag/Type/Length/Value) format for the message exchanges defined by those test cases.

1.1 References (normative)

[ECC-Brainpool] ECC Brainpool Standard Curves and Curve Generation, v. 1.0, 19.10.2005, http://www.ecc-brainpool.org/download/Domain-parameters.pdf
[FIPS 180-4] Secure Hash Standard (SHS), FIPS PUB 180-4, March 2012, http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf
[FIPS 186-4] Digital Signature Standard (DSS), FIPS PUB 186-4, July 2013, http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
[FIPS 197] Advanced Encryption Standard (AES), FIPS PUB 197, November 26, 2001, http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
[FIPS 198-1] The Keyed-Hash Message Authentication Code (HMAC), FIPS PUB 198-1, July 2008, http://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf
[KMIP-Spec] Key Management Interoperability Protocol Specification Version 1.2. Committee Specification Draft 01. 25 June 2013. https://www.oasis-open.org/committees/document.php?document_id=50670&wg_abbrev=kmip
[KMIP-Prof] Key Management Interoperability Protocol Profiles Version 1.2. Working Draft 02. 12 September 2013. https://www.oasis-open.org/committees/document.php?document_id=49689&wg_abbrev=kmip
[PKCS#1] RSA Laboratories. PKCS #1 v2.1: RSA Cryptography Standard. June 14, 2002. ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf
[PKCS#10] RSA Laboratories. PKCS #10 v1.7: Certification Request Syntax Standard. May 26, 2000. ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-10/pkcs-10v1_7.pdf
[RFC1321] R. Rivest. The MD5 Message-Digest Algorithm, IETF RFC 1321, Apr 1992, http://www.ietf.org/rfc/rfc1321.txt
[RFC1421] J. Linn. Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures, IETF RFC 1421, Feb 1993, http://www.ietf.org/rfc/rfc1421.txt
[RFC3647] S. Chokhani, W. Ford, R. Sabett, C. Merrill, and S. Wu. RFC3647: Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework. November 2003. http://www.ietf.org/rfc/rfc3647.txt
[RFC4210] C. Adams, S. Farrell, T. Kause, and T. Mononen. Internet X.509 Public Key Infrastructure Certificate Management Protocol (CMP), IETF RFC 4210, Sep 2005, http://www.ietf.org/rfc/rfc4210.txt
[RFC4211] J. Schaad. Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF), IETF RFC 4211, Sep 2005, http://www.ietf.org/rfc/rfc4211.txt
[RFC4880] J. Callas, L. Donnerhacke, H. Finney, D. Shaw, and R. Thayer. RFC4880: OpenPGP Message Format. November 2007. http://www.ietf.org/rfc/rfc4880.txt
[RFC4949] R. Shirey. RFC4949: Internet Security Glossary, Version 2. August 2007. http://www.ietf.org/rfc/rfc4949.txt
[RFC5272] J. Schaad and M. Meyers. Certificate Management over CMS (CMC), IETF RFC 5272, Jun 2008, http://www.ietf.org/rfc/rfc5272.txt
[RFC5280] D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk. RFC5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. May 2008. http://www.ietf.org/rfc/rfc5280.txt
[RFC5639] M. Lochter and J. Merkle. Elliptic Curve Cryptography (ECC) Brainpool Standard Curves and Curve Generation, IETF RFC 5639, March 2010, http://www.ietf.org/rfc/rfc5639.txt
[SEC] SEC 2: Recommended Elliptic Curve Domain Parameters, http://www.secg.org/collateral/sec2_final.pdf
[SP800-38A] M. Dworkin. Recommendation for Block Cipher Modes of Operation: Methods and Techniques, NIST Special Publication 800-38A, Dec 2001, http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
[SP800-38D] M. Dworkin. Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC, NIST Special Publication 800-38D, Nov 2007, http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf
[SP800-56A] E. Barker, L. Chen, A. Roginsky, and M. Smid. Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, NIST Special Publication 800-56A Revision 2, May 2013, http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar2.pdf
[SP800-57-1] E. Barker, W. Barker, W. Burr, W. Polk, and M. Smid. Recommendation for Key Management, Part 1: General (Revision 3), NIST Special Publication 800-57 Part 1 Revision 3, July 2012, http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf
[SP800-67] W. Barker and E. Barker. Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, NIST Special Publication 800-67 Revision 1, January 2012, http://csrc.nist.gov/publications/nistpubs/800-67-Rev1/SP-800-67-Rev1.pdf
[X.509] International Telecommunications Union (ITU)-T, X.509: Information technology, Open systems interconnection, The Directory: Public-key and attribute certificate frameworks, November 2008, https://www.itu.int/rec/T-REC-X.509/recommendation.asp?lang=en&parent=T-REC-X.509-200811-S
[X9.31] ANSI, X9.31: Digital Signatures Using Reversible Public Key Cryptography for the Financial Services Industry (rDSA), September 1998.

1.2 References (non-normative)

[KMIP-TC] Key Management Interoperability Protocol Test Cases Version 1.2. Working Draft 02. 6 August 2013. https://www.oasis-open.org/committees/document.php?document_id=50188&wg_abbrev=kmip
[X9.42] ANSI, X9.42: Public Key Cryptography for the Financial Services Industry: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography, 2003.
[X9.62] ANSI, X9.62: Public Key Cryptography for the Financial Services Industry, The Elliptic Curve Digital Signature Algorithm (ECDSA), 2005.

2 Assumptions

This section describes assumptions that underlie the KMIP protocol and the implementation of clients and servers that utilize the protocol.

2.1 Island of Trust

Clients may be provided key material by the server, but they use only that keying material for the purposes explicitly listed in the delivery payload. Clients that ignore these instructions and use the keys in ways not explicitly allowed by the server are non-compliant. There is no requirement for the key management system, however, to enforce this behavior.

2.2 Message Security

KMIP relies on the chosen authentication suite as specified in [KMIP-Prof] to authenticate the client and on the underlying transport protocol to provide confidentiality, integrity, message authentication and protection against replay attack. KMIP offers a wrapping mechanism for the Key Value that does not rely on the transport mechanism used for the messages; the wrapping mechanism is intended for importing or exporting managed cryptographic objects.

2.3 State-less Server

The protocol operates on the assumption that the server is state-less, which means that there is no inherent concept of "sessions" in the protocol. This does not mean that the server itself maintains no state, only that the protocol does not require this.

2.4 Extensible Protocol

The protocol provides for "private" or vendor-specific extensions, which allow for differentiation among vendor implementations. However, any objects, attributes and operations included in an implementation are always implemented as specified in [KMIP-Spec], regardless of whether they are optional or mandatory.

2.5 Server Policy

A server is expected to be conformant to KMIP and to support the conformance clauses as specified in [KMIP-Spec]. However, a server may refuse a server-supported operation or client-settable attribute if disallowed by server policy (whether expressed within KMIP or outside). Such a decision by the server may reflect the trust relationship with a particular client, the performance impact of the requested operation, or any of a number of other considerations.

2.6 Support for Cryptographic Objects

The protocol supports key management system-related cryptographic objects. This list currently includes:

- Symmetric Keys
- Split Keys (multi-part)
- Asymmetric Key Pairs (Public and Private Keys)
- PGP Keys
- Certificates
- Secret Data
- Opaque (non-interpretable) cryptographic objects

2.7 Client-Server Message-based Model

The protocol operates primarily in a client-server, message-based model. This means that most protocol exchanges are initiated by a client sending a request message to a server, which then sends a response to the client. The protocol also provides optional mechanisms to allow for unsolicited notification of events to clients using the Notify operation, and unsolicited delivery of cryptographic objects to clients using the Put operation; that is, the protocol allows a "push" model, whereby the server initiates the protocol exchange with either a Put or Notify operation. These Notify or Put features are optionally supported by servers and clients. Clients may register in order to receive such events/notifications. Registration is implementation-specific and not described in the specification.

2.8 Synchronous and Asynchronous Operations

The protocol allows two modes of operation: synchronous and asynchronous. Synchronous operations (mandatory) are those in which a client sends a request and waits for a response from the server. Asynchronous operations (optional) are those in which the client sends a request, the server responds with a "pending" status, and the client polls the server for the completed response and completion status. Server implementations must support synchronous operations, but may choose not to support asynchronous operations.

2.9 Support for "Intelligent Clients" and "Key Using Devices"

The protocol supports intelligent clients, such as end-user workstations, which are capable of requesting all of the functions of KMIP. It also allows subsets of the protocol and possible alternate message representations in order to support less-capable devices, which only need a subset of the features of KMIP.

2.10 Batched Requests and Responses

The protocol contains a mechanism for sending batched requests and receiving the corresponding batched responses, to allow for higher throughput on operations that deal with a large number of entities, e.g., requesting dozens or hundreds of keys from a server at one time, and performing operations in a group. A Batch Error Continuation option is provided to indicate whether to undo all previous successful operations once a request in the batch fails; to continue processing the remaining requests in the batch after an earlier request in the batch fails; or to stop processing the remaining requests in the batch (but not undo previously successful operations). A special ID Placeholder (see Section 3.18) is provided in KMIP to allow related requests in a batch to be pipelined.

2.11 Reliable Message Delivery

The reliable message delivery function is relegated to the transport protocol, and is not part of the key management protocol itself.

2.12 Large Responses

For requests that could result in large responses, a mechanism in the protocol allows a client to specify in a request the maximum allowed size of a response or, in the case of the Locate operation, the maximum number of items which should be returned. The server indicates in a response to such a request that the response would have been too large and, therefore, is not returned.

2.13 Key Life-cycle and Key State

[KMIP-Spec] describes the key life-cycle model, based on the [SP800-57-1] key state definitions, supported by the protocol. Particular implications of the key life-cycle model in terms of defining time-related attributes of objects are discussed in Section 3.5 below.
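The three Batch Error Continuation outcomes described in Section 2.10 (Continue, Stop, Undo), together with ID Placeholder pipelining, as an added toy simulation in Python. This is not code from the Usage Guide or from any KMIP implementation: the in-memory object store, the simplified operation rules (Activate requires a Pre-Active object, Destroy refuses an Active object) and the sample batch are all constructed for the demonstration.

```python
"""Added example: Batch Error Continuation semantics for a KMIP-style batch.
Toy simulation only; operations and object states are deliberately simplified."""
import copy
from enum import Enum


class Continuation(Enum):
    """Batch Error Continuation Option values as enumerated in [KMIP-Spec]."""
    CONTINUE = 1   # keep processing later items after a failure
    STOP = 2       # stop at the failure, keep earlier successes
    UNDO = 3       # stop at the failure and roll back earlier successes


# A batch item that omits its Unique Identifier acts on the ID Placeholder,
# i.e. the object produced by the previous successful item in the batch.
USE_ID_PLACEHOLDER = None


class ToyKmipServer:
    def __init__(self):
        self.objects = {}      # unique identifier -> State (constructed store)
        self._next_id = 1

    # Simplified operations (assumptions for this demo): each returns the
    # Unique Identifier it acted on, which becomes the new ID Placeholder.
    def create(self, _uid):
        uid = str(self._next_id)
        self._next_id += 1
        self.objects[uid] = "Pre-Active"
        return uid

    def activate(self, uid):
        if self.objects.get(uid) != "Pre-Active":
            raise ValueError("Activate requires a Pre-Active object")
        self.objects[uid] = "Active"
        return uid

    def destroy(self, uid):
        if uid not in self.objects:
            raise ValueError("no such object")
        if self.objects[uid] == "Active":
            raise ValueError("Destroy is not permitted on an Active object")
        del self.objects[uid]
        return uid

    OPERATIONS = {"Create": create, "Activate": activate, "Destroy": destroy}

    def process_batch(self, items, option):
        """items: list of (operation, unique_identifier or USE_ID_PLACEHOLDER).
        Returns one (operation, result) pair per batch item that was processed;
        items after a Stop/Undo failure produce no entry."""
        before = copy.deepcopy(self.objects)   # snapshot for Undo
        next_before = self._next_id
        results = []
        id_placeholder = None
        for operation, uid in items:
            target = id_placeholder if uid is USE_ID_PLACEHOLDER else uid
            try:
                if target is None and operation != "Create":
                    raise ValueError("ID Placeholder is not set")
                id_placeholder = self.OPERATIONS[operation](self, target)
                results.append((operation, "Success"))
            except (ValueError, KeyError) as exc:
                results.append((operation, "Operation Failed: %s" % exc))
                if option is Continuation.CONTINUE:
                    continue
                if option is Continuation.UNDO:
                    self.objects = before          # roll back this batch's effects
                    self._next_id = next_before
                    results = [(op, "Operation Undone") for op, _ in results[:-1]] + results[-1:]
                break                              # STOP and UNDO both end here
        return results


# Constructed batch: Create, then Activate and Destroy the same object via the
# ID Placeholder, then an unrelated Create.  Destroy fails because the object
# is Active, so the continuation option decides the outcome of the batch.
SAMPLE_BATCH = [
    ("Create", None),
    ("Activate", USE_ID_PLACEHOLDER),
    ("Destroy", USE_ID_PLACEHOLDER),
    ("Create", None),
]


def run(option):
    """Process SAMPLE_BATCH on a fresh server; returns (results, remaining objects)."""
    server = ToyKmipServer()
    return server.process_batch(SAMPLE_BATCH, option), server.objects


if __name__ == "__main__":
    for option in Continuation:
        results, objects = run(option)
        print(option.name, [r for _, r in results], objects)
```

Under Continue the fourth item still runs and two objects survive; under Stop the batch ends at the failed Destroy with the first object left Active; under Undo the earlier Create and Activate are rolled back and the store is empty again, which is the behaviour a client relies on when it uses Undo to keep a multi-step batch atomic.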

3 Using KMIP Functionality

This section provides guidance on using the functionality described in the Key Management Interoperability Protocol Specification.

3.1 Authentication

As discussed in [KMIP-Spec], a conforming KMIP implementation establishes and maintains channel confidentiality and integrity, and provides assurance of server authenticity for KMIP messaging. Client authentication is performed according to the chosen KMIP authentication suite as specified in [KMIP-Prof]. Other mechanisms for client and server authentication are possible and optional for KMIP implementations. KMIP implementations that use vendor-specific mechanisms for authentication may use the optional Authentication structure specified inside the Request Header to include additional identification information. Depending on the server's configuration, the server may interpret the identity of the requestor from the Credential structure, contained in the Authentication structure, if it is not provided during the channel-level authentication. For example, in addition to performing mutual authentication during a TLS handshake, the client passes the Credential structure (e.g., a username and password) in the request. If the requestor's username is not specified inside the client certificate and is specified in the Credential structure, the server interprets the identity of the requestor from the Credential structure. This supports use cases where channel-level authentication authenticates a machine or service that is used by multiple users of the KMIP server.

If the client provides the username of the requestor in both the client certificate and the Credential structure, the server verifies that the usernames are the same. If they differ, the server authentication fails and the server returns an error. If no Credential structure is included in the request, the username of the requestor is expected to be provided inside the certificate. If no username is provided in the client certificate and no Credential structure is included in the request message, the server is expected to refuse authentication and return an error.

If authentication is unsuccessful, and it is possible to return an "authentication not successful" error, this error should be returned in preference to any other result status. This prevents status code probing by a client that is not able to authenticate.

Server decisions regarding which operations to reject if there is insufficiently strong authentication of the client are not specified in the protocol. However, see Section 3.2 for operations for which authentication and authorization are particularly important.

3.1.1 Credential

The Credential object defined in [KMIP-Spec] is a structure used to convey information about the client, but the contents of this object are not managed by the key management server. The type of information conveyed within this object varies based on the type of credential.

KMIP 1.2 supports three credential types: Username and Password, Device and Attestation.

3.1.1.1 Username and Password Credential Type

[KMIP-Spec] defines the Username and Password structure for the Credential Type Username and Password. The structure consists of two fields: Username and Password. Password is a recommended, but optional, field, which may be excluded only if the client is authenticated using one of the authentication suites defined in [KMIP-Prof]. For example, if the client performs client certificate authentication during the TLS handshake, and the Authentication structure is provided in the Request Message, the Password is an optional field in the Username and Password structure of the Credential structure.

The Credential structure is used to provide additional identification information. As described above, for certain use cases, channel-level authentication may authenticate only a machine or service that is used by multiple clients of the KMIP server. The Credential structure may be used in this scenario to identify individual clients by specifying the username in the Username and Password structure.

3.1.1.2 Device Credential Type

The Device Credential may be used to uniquely identify back-end devices by specifying Device as the Credential Type in the Credential structure. The Device Credential may be used in a proxy environment where the proxy authenticates with the client certificate and supports KMIP while the back-end devices may not support KMIP or TLS. An example is illustrated below:

Figure 1: Aggregator Client Example

The end device identifies itself with a unique set of identifier values that include the hardware device serial number, the network identifier, the machine identifier, or the media identifier. For many of the self-encrypting devices there is a unique serial number assigned to the hardware device during manufacturing. The ability to use the machine, network, or media identifier more explicitly maps to different device types and achieves better interoperability, since the different identifier types of values are explicitly enumerated. The device identifier is included for generic usage. An optional password or shared secret may be used to further authenticate the device. Server implementations may choose to enforce different rules for uniqueness for different types of device. Four identifier values are optionally provided but are unique in aggregate:

1. Serial Number, for example the hardware serial number of the device
2. Network Identifier, for example the MAC address for Ethernet connected devices
3. Machine Identifier, for example the client aggregator identifier, such as a tape library
4. Media Identifier, for example the volume identifier used for a tape cartridge

The certificate used in TLS, in combination with the Device Credential identifier values, may or may not be used in conjunction with the above identifiers to insure uniqueness. The choice of device identifier is by server policy, and the server may optionally enforce the use of a Device Credential password. These additional identifiers are generally useful for auditing and monitoring encryption and could be used according to server policy for implementation specific validation or logged in the server.

A specific example for tape drive and tape library would be:

1. the tape drive has a serial number that is unique for that manufacturer and the vendor has procedures for maintaining and tracking serial number usage
2. the tape drives may be connected via fibre channel to the library and therefore have a World Wide Name assigned
3. a machine identifier can be used to identify the tape library that is the aggregating device
4. the media identifier helps identify the individual media such as a tape cartridge for proof of encryption reporting
5. a password is optionally created and either stored on the drive or the library to help authenticate the drive

Another example using self-encrypting disk drives inside of a server would be:

1. the disk drive has a unique serial number
2. a password may be supplied by configuration of the server or the drive where the drive is located
3. the network identifier may come from the internal attachment identifier for the disk drive
4. the machine identifier may come from a server's motherboard or service processor identifier
5. the media identifier comes from the volume name used by the server's operating system to identify the volume on the disk drive

Another example applied to server virtualization and encryption built into virtualization would be:

1. the virtual machine instance has a unique identifier that is used for the serial number
2. the hypervisor supplies a shared secret that is used as the password to authenticate the virtual machine
3. the network identifier could be used to identify the MAC address of the physical server
4. the machine identifier could be used to identify the hypervisor where the virtual machine is running
5. the media identifier could be used to identify the storage volume used by the virtual machine

These are examples of device credential usage and are not meant to define all usage patterns nor restrict specific server implementations. Server implementations could control what devices may read and write keys and use the device credential fields to influence access control enforcement.

When a server is not able to resolve the device identifier values in the credential to a unique client identification, it may choose to reject the request with an error code of operation failed and a reason code of item not found. The device credentials may be explicitly added by the administrator or may be captured in line with the request and implicitly registered depending upon server policy.

1.17 Authorization for Revoke, Recover, Destroy and Archive Operations

The authentication suite, as specified in [KMIP-Prof], describes how the client identity is established for KMIP-compliant implementations. This authentication is performed for all KMIP operations. Certain operations that may be requested by a KMIP client, particularly via Revoke, Recover, Destroy and Archive, may have a significant impact on the availability of a key, on server performance and/or on key security. When a server receives a request for one of these operations, it should ensure that the client has authenticated its identity (see the Authentication Suites section in [KMIP-Prof]). The server should also ensure that the client requesting the operation is an object owner, security officer or other identity authorized to issue the request. It

may also require additional authentication to ensure that the object owner or a security officer has issued that request. Even with such authentication and authorization, requests for these operations should be considered only a "hint" to the key management system, which may or may not choose to act upon this request depending on server policy.

1.18 Using Notify and Put Operations

The Notify and Put operations are the only operations in the KMIP protocol that are initiated by the server, rather than the client. As not all clients are able to perform these requests, these operations are optional for conforming KMIP implementations. However, they provide a mechanism for optimized communication between KMIP servers and clients (e.g., to replace polling request functions by notification).

In using Notify and Put, the following constraints and guidelines should be observed:

- The client enrolls with the server, so that the server knows how to locate the client to which a Notify or Put is being sent and which events are supported for Notify. However, such registration is outside the scope of the KMIP protocol. Registration also includes a specification of whether a given client supports Put and Notify, and what attributes may be included in a Put for a particular client.
- Communication between the client and the server is authenticated. Authentication for a particular client/server implementation is at a minimum accomplished using one of the mandatory authentication mechanisms (see [KMIP-Prof]). Further strengthening of the client/server communications integrity by means of signed message content and/or wrapped keys is recommended.
- In order to minimize possible divergence of key or state information between client and server as a result of server-initiated communication, any client receiving Notify or Put messages returns acknowledgements of these messages to the server. This acknowledgement may be at communication layers below the KMIP layer, such as by using the transport-level acknowledgement provided in TCP/IP.
- For devices that are incapable of responding to messages from the server, communication with the server happens via a proxy entity that communicates with the server, using KMIP, on behalf of the client. It is possible to secure communication between a proxy and the other entity, the client, using potentially proprietary mechanisms.

1.19 Usage Allocation

Usage should be allocated and handled carefully at the client, since power outages or other types of client failures (crashes) may render allocated usage lost. For example, in the case of a key being used for the encryption of tapes, such a loss of usage allocation information following a client failure during encryption may result in the necessity for the entire tape backup session to be re-encrypted using a different key, if the server is not able to allocate more usage. It is possible to address this through such approaches as caching usage allocation information on stable storage at the client, and/or having conservative allocation policies at the server (e.g., by keeping the maximum possible usage allocation per client request moderate). In general, usage allocations should be as small as possible; it is preferable to use multiple smaller allocation requests rather than a single larger request to minimize the likelihood of unused allocation.

1.20 Key State and Times

[KMIP-Spec] provides a number of time-related attributes, including the following:

- Initial Date: The date and time when the managed cryptographic object was first created or registered at the server.
- Activation Date: The date and time when the managed cryptographic object should begin to be used for applying cryptographic protection to data.
- Process Start Date: The date and time when a managed symmetric key object should begin to be used for processing cryptographically protected data. The managed symmetric key object should not be used prior to this date.
- Protect Stop Date: The date and time when a managed symmetric key object should no longer be used for applying cryptographic protection to data.
- Deactivation Date: The date and time when the managed cryptographic object should no longer be used for applying cryptographic protection (e.g., encryption, signing, wrapping, MACing, deriving). The managed symmetric key object can be used for decryption, unwrapping, signature verification, or MAC verification if permission is granted.
- Destroy Date: The date and time when the managed cryptographic object was destroyed.
- Compromise Occurrence Date: The date and time when the managed cryptographic object was first believed to be compromised.
- Compromise Date: The date and time when the managed cryptographic object entered into the compromised state.
- Archive Date: The date and time when the managed object was placed in Off-Line storage.

These attributes apply to all cryptographic objects (symmetric keys, asymmetric keys, etc.) with exceptions as noted in [KMIP-Spec]. However, certain of these attributes (such as the Initial Date) are not specified by the client and are implicitly set by the server.

As discussed for each of these attributes in [KMIP-Spec], a number of these times are set once and it is not possible for the client or server to modify them. However, several of the time attributes (particularly the Activation Date, Process Start Date, Protect Stop Date and Deactivation Date) may be set by the server and/or requested by the client. Coordination of time-related attributes between client and server is, therefore, primarily the responsibility of the server, as it manages the cryptographic object and its state.

In using these attributes, the following guidelines should be observed:

- Under extraordinary circumstances, and when special conditions related to time-related attributes apply, the conditions governing when the server accepts client modifications to time-related attributes may be communicated out-of-band between the client and server, outside the scope of KMIP.
- In general, state transitions occur as a result of operational requests, such as Create, Create Key Pair, Register, Activate, Revoke, and Destroy. However, clients may need to specify times in the future for such things as Activation Date, Deactivation Date, Process Start Date, Protect Stop Date. KMIP allows clients to specify times in the past for such attributes as Activation Date and Deactivation Date. This is intended primarily for clients that were disconnected from the server at the time that the client performed that operation on a given key.
- It is valid to have a projected Deactivation Date when there is no Activation Date. This means, however, that the key is not yet active, even though its projected Deactivation Date has been specified. A valid Deactivation Date is greater than or equal to the Activation Date (if the Activation Date has been set).
- The Protect Stop Date may be equal to, but may not be later than, the Deactivation Date. Similarly, the Process Start Date may be equal to, but may not precede, the Activation Date. KMIP implementations should consider specifying both of these attributes, particularly for symmetric keys, as a key may be needed for processing protected data (e.g., decryption) long after it is no longer appropriate to use it for applying cryptographic protection to data (e.g., encryption).
- KMIP does not allow an Active object to be destroyed with the Destroy operation. The server returns an error if the client invokes the Destroy operation on an Active object. To destroy an Active object, clients first call the Revoke operation or explicitly set the Deactivation Date of the object. Once the object is in the Deactivated state, clients may destroy the object by calling the Destroy operation. These operations may be performed in a batch. If other time-related attributes (e.g., Protect Stop Date) are set to a future date, the server should set these to the Deactivation Date.
- After a cryptographic object is destroyed, a key management server may retain certain information about the object, such as the Unique Identifier.
- KMIP allows the specification of attributes on a per-client basis, such that a server could maintain different or present different sets of attributes for different clients. This flexibility may be necessary in some cases, such as when a server maintains the availability of a given key for some clients, even after that same key is moved to an inactive state (e.g., Deactivated state) for other clients. However, such an approach might result in significant inconsistencies regarding the state of the object from the point of view of all participating clients and should, therefore, be avoided. A server should maintain a consistent state for each object, across all clients that have or are able to request that object.

1.21 Template

The usage of templates is an alternative approach for setting attributes in an operation request. Instead of specifying each attribute individually, a template may be used to provide attribute values.
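The time-attribute and state guidelines of section 1.20 above (Deactivation Date not before Activation Date, Protect Stop Date not after Deactivation Date, Process Start Date not before Activation Date, no Destroy on an Active object, Revoke pulling a future Protect Stop Date in to the Deactivation Date), as an added example that is not code from the guide or from any KMIP server; the class, method and sample names are this example's own assumptions:

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import List, Optional

# Added example, not code from the KMIP Usage Guide or any KMIP server: a small
# model of the time-related attributes of section 1.20 and the checks a server
# would apply to them. All class, method and sample names are this example's own.


class KmipError(Exception):
    """Raised where the guide says the server returns an error."""


def utc(year: int, month: int, day: int) -> datetime:
    """Constructed timestamps for the example (KMIP dates are UTC)."""
    return datetime(year, month, day, tzinfo=timezone.utc)


@dataclass
class ManagedKey:
    unique_identifier: str
    initial_date: datetime          # set implicitly by the server, never by the client
    activation_date: Optional[datetime] = None
    process_start_date: Optional[datetime] = None
    protect_stop_date: Optional[datetime] = None
    deactivation_date: Optional[datetime] = None
    destroy_date: Optional[datetime] = None

    def state(self, now: datetime) -> str:
        """Derive the state from the dates (compromised states are left out)."""
        if self.destroy_date is not None:
            return "Destroyed"
        # A projected Deactivation Date without an Activation Date leaves the key inactive.
        if self.activation_date is None or self.activation_date > now:
            return "Pre-Active"
        if self.deactivation_date is not None and self.deactivation_date <= now:
            return "Deactivated"
        return "Active"

    def time_violations(self) -> List[str]:
        """The ordering rules from the guidelines; an empty list means the dates are consistent."""
        problems: List[str] = []
        act, deact = self.activation_date, self.deactivation_date
        if act is not None and deact is not None and deact < act:
            problems.append("Deactivation Date must be greater than or equal to Activation Date")
        if deact is not None and self.protect_stop_date is not None and self.protect_stop_date > deact:
            problems.append("Protect Stop Date may not be later than Deactivation Date")
        if act is not None and self.process_start_date is not None and self.process_start_date < act:
            problems.append("Process Start Date may not precede Activation Date")
        return problems


class KeyStateServer:
    """The server-side behaviour the guide describes for time attributes, Revoke and Destroy."""

    def __init__(self, now: datetime) -> None:
        self.now = now

    def set_time_attribute(self, key: ManagedKey, name: str, value: datetime) -> None:
        """A client-requested change; the server refuses one that leaves the dates inconsistent."""
        if name == "initial_date":
            raise KmipError("Initial Date is set by the server and cannot be modified")
        previous = getattr(key, name)
        setattr(key, name, value)
        problems = key.time_violations()
        if problems:
            setattr(key, name, previous)   # roll the change back before reporting the error
            raise KmipError("; ".join(problems))

    def revoke(self, key: ManagedKey) -> None:
        """Deactivate now; a Protect Stop Date still in the future is moved to the Deactivation Date."""
        key.deactivation_date = self.now
        if key.protect_stop_date is not None and key.protect_stop_date > self.now:
            key.protect_stop_date = self.now

    def destroy(self, key: ManagedKey) -> str:
        """Destroy is refused on an Active object; the Unique Identifier may be retained afterwards."""
        if key.state(self.now) == "Active":
            raise KmipError("Destroy is not allowed on an Active object; Revoke it first")
        key.destroy_date = self.now
        return key.unique_identifier

    def revoke_then_destroy(self, key: ManagedKey) -> str:
        """The two-step sequence the guide describes; both steps may be sent in one batch."""
        self.revoke(key)
        return self.destroy(key)
```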

A template also has attributes that are applicable to the template itself, which are referred to in [KMIP-Spec] as template attributes to distinguish them from the attributes that are contained within the template managed object. When registering a template, the Name attribute for the template itself must be set. It is used to identify the template in the Template-Attribute structure when attributes for a managed object are set in KMIP operations.

The Template-Attribute structure allows for multiple template names (zero or more) and individual attributes (zero or more) to be specified in an operation request. The structure is used in the Create, Create Key Pair, Register, Re-key, Re-key Key Pair, Derive Key, Certify, and Re-certify operations. All of these operations with the exception of the Create Key Pair and the Re-key Key Pair operations use the Template-Attribute tag. The Create Key Pair and Re-key Key Pair operations use the Common Template-Attribute, Private Key Template-Attribute and Public Key Template-Attribute tags, allowing specification of different attributes for the public and private cryptographic managed objects.

Templates may be the subject of Locate, Register, Get, Get Attributes, Get Attribute List, Add Attribute, Modify Attribute, Delete Attribute, and Destroy operations. Templates are created using the Register operation. When the template is the subject of an operation, the Unique Identifier is used to identify the template. The template name is only used to identify the template when referenced inside a Template-Attribute structure.

1.21.1 Template Usage Examples

The purpose of these examples is to illustrate how templates are used. The first example shows how a template is registered. The second example shows how the newly registered template is used to create a symmetric key.

1.21.1.1 Example of Registering a Template

In this example, a client registers a template by encapsulating attributes for creating a 256-bit AES key with the Cryptographic Usage Mask set to Encrypt and Decrypt. The following is specified inside the Register Request Payload:

- Object Type: Template
- Template-Attribute:
  - Attribute
    - Attribute Name: Name
    - Attribute Value: Template1
- Template
  - Attribute
    - Attribute Name: Cryptographic Algorithm
    - Attribute Value: AES
  - Attribute
    - Attribute Name: Cryptographic Length

    - Attribute Value: 256
  - Attribute
    - Attribute Name: Cryptographic Usage Mask
    - Attribute Value: Encrypt and Decrypt
  - Attribute
    - Attribute Name: Operation Policy Name
    - Attribute Value: OperationPolicy1

The Operation Policy OperationPolicy1 applies to the AES key being created using the template. It is not used to control operations on the template itself. KMIP does not allow operation policies to be specified for controlling operations on the template itself. The default policy for template objects is used for this purpose and is specified in the KMIP Specification.

1.21.1.2 Example of Creating a Symmetric Key using a Template

In this example, the client uses the template created in example 3.6.1 to create a 256-bit AES key. The following is specified in the Create Request Payload:

- Object Type: Symmetric Key
- Template-Attribute:
  - Name: Template1
  - Attribute
    - Attribute Name: Name
    - Attribute Value: AESkey
  - Attribute
    - Attribute Name: x-CustomAttribute1
    - Attribute Value: ID74592

The Template-Attribute structure specifies both a template name and additional associated attributes. It is possible to specify the Custom Attribute inside the template when the template is registered; however, this particular example sets this attribute separately.

1.21.1.3 Compatibility Note

Versions of KMIP prior to KMIP version 1.2 contained a fixed list of attributes applicable to objects created using a template and those applicable to the template managed object. The value returned by the Get operation for a template was subject to varying interpretations. KMIP 1.2 alters this handling to provide clarification of the expected handling for templates. KMIP clients may need to be mindful of this change when registering or performing operations which refer to templates, as the handling of templates in a KMIP server may vary depending on the version of the KMIP protocol specified.

As the baseline server profile does not mandate (require) support for templates, a KMIP client that requires support for templates cannot be guaranteed to interoperate with all servers that conform to the KMIP specification.

1.22 Archive Operations

When the Archive operation is performed, it is recommended that a unique identifier and a minimal set of attributes be retained within the server for operational efficiency. In such a case, the retained attributes may include Unique Identifier and State.

1.23 Message Extensions

Any number of vendor-specific extensions may be included in the optional Message Extension structure. This allows KMIP implementations to create multiple extensions to the protocol.

1.24 Unique Identifiers

For clients that require unique identifiers in a special form, out-of-band registration/configuration may be used to communicate this requirement to the server.

1.25 Result Message Text

KMIP specifies the Result Status, the Result Reason and the Result Message as normative message contents. For the Result Status and the Result Reason, the enumerations provided in [KMIP-Spec] are the normative values. The values for the Result Message text are implementation-specific. In consideration of internationalization, it is recommended that any vendor implementation of KMIP provide appropriate language support for the Return Message. How a client specifies the language for the Result Messages is outside the scope of the KMIP.

1.26 Query

Query does not explicitly support client requests to determine what operations require authentication. To determine whether an operation requires authentication, a client should request that operation.

1.27 Canceling Asynchronous Operations

If an asynchronous operation is cancelled by the client, no information is returned by the server in the result code regarding operations that may have been partially completed. Identification and remediation of partially completed operations is the responsibility of the server. It is the responsibility of the server to determine when to discard the status of asynchronous operations. The determination of how long a server should retain the status of an asynchronous operation is implementation-dependent and not defined by KMIP.

Once a client has received the status on an asynchronous operation other than "pending", any subsequent request for the status of that operation may return either the same status as in a previous polling request or an "unavailable" response.

1.28 Multi-instance Hash

The Digest attribute contains the output of hashing a managed object, such as a key or a certificate. The server always generates the SHA-256 hash value when the object is created or generated. KMIP allows multiple instances of the digest attribute to be associated with the same managed object. For example, it is common practice for publicly trusted CAs to publish two digests (often referred to as the fingerprint or the thumbprint) of their certificate: one calculated using the SHA-1 algorithm and another using the MD5 algorithm. In this case, each digest would be calculated by the server using a different hash algorithm.

1.29 Returning Related Objects

The Key Block returns a single object, with associated attributes and data. For other cases, those in which multiple related objects are needed by a client, such as the private key and the related certificate, the client should issue multiple Get requests to obtain these related objects.

1.30 Reducing Multiple Requests through the Use of Batch

KMIP supports batch operations in order to reduce the number of calls between the client and server. For example, Locate and Get are likely to be commonly accomplished within a single batch request. KMIP does not ensure that batch operations are atomic on the server side. If servers implement such atomicity, the client is able to use the optional "undo" mode to roll back the batch request for effectively atomic batches. However, support for "undo" mode is optional in the protocol, and there is no guarantee that a server that supports "undo" mode has implemented operations as atomic transactions. The use of "undo", therefore, should be restricted to those cases in which it is possible to assure the client, through mechanisms outside of KMIP, of the server effectively supporting atomicity for batch operations.

1.31 Maximum Message Size

When a server is processing requests in a batch, it should compare the cumulative response size of the message to be returned after each request with the specified Maximum Response Size. If the message is too large, it should prepare a maximum message size error message response at that point, rather than continuing with operations in the batch. This increases the client's ability to understand what operations have and have not been completed. When processing individual requests within the batch, the server that has encountered a Maximum Response Size error should not return attribute values or other information as part of the error response. The Locate operation also supports the concept of a maximum item count to include in the returned list of unique identifiers.
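The batch rule of section 1.31 (compare the cumulative response size with the Maximum Response Size after each request, stop with an error item at that point and return no attribute values in it) together with the Locate maximum item count, as an added example that is not code from the guide or from any KMIP server; the object store, the JSON encoding used to measure size, and all names are this example's own assumptions, and a real server would measure the TTLV encoding instead:

```python
import json
from typing import Callable, Dict, List

# Added example, not code from the KMIP Usage Guide or any KMIP server: a toy
# batch loop for section 1.31. The store below is constructed for the example.
OBJECTS: Dict[str, Dict[str, str]] = {
    "id-0001": {"Name": "backup-key", "Cryptographic Algorithm": "AES", "State": "Active"},
    "id-0002": {"Name": "backup-key", "Cryptographic Algorithm": "AES", "State": "Deactivated"},
    "id-0003": {"Name": "archive-key", "Cryptographic Algorithm": "AES", "State": "Active"},
}


def locate(payload: dict) -> dict:
    """Locate: match on the Name attribute and honour the Maximum Items count."""
    wanted = payload.get("Name")
    ids = [uid for uid, attrs in OBJECTS.items() if wanted is None or attrs["Name"] == wanted]
    limit = payload.get("Maximum Items")
    if limit is not None:
        ids = ids[:limit]
    return {"Unique Identifier": ids}


def get_attributes(payload: dict) -> dict:
    """Get Attributes: return the stored attributes of one object."""
    uid = payload["Unique Identifier"]
    if uid not in OBJECTS:
        raise KeyError(uid)
    return {"Unique Identifier": uid, "Attributes": dict(OBJECTS[uid])}


HANDLERS: Dict[str, Callable[[dict], dict]] = {"Locate": locate, "Get Attributes": get_attributes}


def encoded_size(item: dict) -> int:
    """Size of a batch item as the client would receive it (JSON stands in for TTLV here)."""
    return len(json.dumps(item, separators=(",", ":")).encode("utf-8"))


def process_batch(batch: List[dict], maximum_response_size: int) -> List[dict]:
    """Process batch items in order, stopping as soon as the cumulative response would be too large."""
    responses: List[dict] = []
    cumulative = 0
    for request in batch:
        op = request["Operation"]
        if op not in HANDLERS:
            item = {"Operation": op, "Result Status": "Operation Failed",
                    "Result Reason": "Operation Not Supported"}
        else:
            try:
                payload = HANDLERS[op](request["Request Payload"])
                item = {"Operation": op, "Result Status": "Success", "Response Payload": payload}
            except KeyError as missing:
                item = {"Operation": op, "Result Status": "Operation Failed",
                        "Result Reason": "Item Not Found", "Result Message": str(missing)}
        cumulative += encoded_size(item)
        if cumulative > maximum_response_size:
            # Error at this point, without the attribute values the item would have carried,
            # and without continuing with the remaining operations in the batch.
            responses.append({"Operation": op, "Result Status": "Operation Failed",
                              "Result Reason": "Response Too Large",
                              "Result Message": f"response would exceed {maximum_response_size} bytes"})
            break
        responses.append(item)
    return responses
```

The client can tell from the position of the "Response Too Large" item which operations completed and which were never attempted.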

1.32 Using Offset in Re-key and Re-certify Operations

The Re-key, Re-key Key Pair, and Re-certify operations allow the specification of an offset interval. The Re-key and Re-key Key Pair operations allow the client to specify an offset interval for the activation of the key. This offset specifies the duration between the time the request is made and the time when the activation of the key occurs. If an offset is specified, all other times for the new key are determined from the new Activation Date, based on the intervals used by the previous key, i.e., from the Activation Date to the Process Start Date, Protect Stop Date, etc. The Re-certify operation allows the client to specify an offset interval that indicates the difference between the Initial Date of the new certificate and the Activation Date of the new certificate. As with the Re-key operation, all other times for the certificate are determined using the intervals used for the previous certificate. Note that in re-key operations, if the activation date, process start date, protect stop date and deactivation date are obtained from the existing key, and the initial date is obtained from the current time, then the deactivation date/activation date/process start date/protect stop date is smaller or less than the initial date. KMIP allows back-dating of these values to prevent this contradiction (see section 1.37).

1.33 ID Placeholder

A number of operations are affected by a mechanism referred to as the ID Placeholder. This is a temporary variable consisting of a single Unique Identifier that is stored inside the server for the duration of executing a batch of operations. The ID Placeholder is obtained from the Unique Identifier returned by certain operations; the applicable operations are identified in [KMIP-Spec], along with a list of operations that accept the ID Placeholder as input (see Table 1).

Table 1: ID Placeholder prior to and resulting from a KMIP Operation

Operation | ID Placeholder at the beginning of the operation | ID Placeholder upon completion of the operation (in case of a batch failure, the ID Placeholder usage stops)
Create | - | ID of new Symmetric Key
Create Key Pair | - | ID of new Private Key (ID of new Public Key may be obtained via Locate)
Create Split Key | - | ID of the Part of the Split Key whose Key Part Identifier is 1
Join Split Key | - | ID of new Object
Register | - | ID of newly registered Object
Derive Key | - (multiple Unique Identifiers may be specified in the request) | ID of returned object

Locate | - | ID of located Object
Get | ID of Object | no change
Validate | - | -
Get Attributes | ID of Object | no change
Get Attribute List/Add Attribute/Modify Attribute/Delete Attribute | ID of Object | no change
Activate | ID of Object | no change
Revoke | ID of Object | no change
Destroy | ID of Object | no change
Archive/Recover | ID of Object | no change
Certify | ID of Public Key | ID of new Certificate
Re-certify | ID of Certificate | ID of new Certificate
Re-key | ID of Symmetric Key to be rekeyed | ID of new Symmetric Key
Re-key Key Pair | ID of Private Key to be rekeyed | ID of new Private Key (ID of new Public Key may be obtained via Locate)
Obtain Lease | ID of Object | no change
Get Usage Allocation | ID of Object | no change
Check | ID of Object | no change

1.34 Key Block

The protocol uses the Key Block structure to transport a key to the client or server. This Key Block consists of the Key Value Type, the Key Value, and the Key Wrapping Data. The Key Value Type identifies the format of the Key Material, e.g., Raw format or Transparent Key structure. The Key Value consists of the Key Material and optional attributes. The Key Wrapping Data provides information about the wrapping key and the wrapping mechanism, and is returned only if the client requests the Key Value to be wrapped by specifying the Key Wrapping Specification inside the Get Request Payload. The Key Wrapping Data may also be included inside the Key Block if the client registers a wrapped key. The protocol allows any attribute to be included inside the Key Value and allows these attributes to be cryptographically bound to the Key Material (i.e., by encrypting, signing, or MACing, or both encrypting and signing/MACing the Key Value). Some of the attributes that may be included to be bound include the following:

- Unique Identifier – uniquely identifies the key

- Cryptographic Algorithm (e.g., AES, 3DES, RSA) – this attribute is either specified inside the Key Block structure or the Key Value structure
- Cryptographic Length (e.g., 128, 256, 2048) – this attribute is either specified inside the Key Block structure or the Key Value structure
- Cryptographic Usage Mask – identifies the cryptographic usage of the key (e.g., Encrypt, Wrap Key, Export)
- Cryptographic Parameters – provides additional parameters for determining how the key may be used
  - Block Cipher Mode (e.g., CBC, GCM, NISTKeyWrap) – this parameter identifies the mode of operation, including block cipher-based MACs or wrapping mechanisms
  - Padding Method (e.g., OAEP, PSS, X9.31) – identifies the padding method, if applicable, of the signature or encryption mechanism
  - Hashing Algorithm (e.g., SHA-256) – identifies the hash algorithm to be used with the applicable signature/encryption mechanism or Mask Generation Function; note that the HMACs are defined individually as algorithms and do not require the Hashing Algorithm parameter to be set
  - Key Role Type – identifies the functional key role (e.g., DEK, KEK)
- Dates (e.g., Activation Date, Process Start Date, Protect Stop Date)
- State (e.g., Active)
- Custom Attribute – allows vendors and clients to define vendor-specific attributes; may also be used to prevent replay attacks by setting a nonce

1.35 Object Group

The key management system may specify rules for valid group names which may be created by the client. Clients are informed of such rules by a mechanism that is not specified by [KMIP-Spec]. In the protocol, the group names are themselves text strings of no specified format. Specific key management system implementations may choose to support hierarchical naming or syntax schemes or other restrictions on the names. Groups may be used to associate objects for a variety of purposes. A set of keys used for a common purpose, but for different time intervals, may be linked by a common Object Group. Servers may create predefined groups and add objects to them independently of client requests.

KMIP allows clients to specify whether they want a "default" or a "fresh" object from a common Object Group. Fresh is an indication of whether a member of a group has been retrieved by a client with the Get operation. The value of Fresh may be set as an attribute when creating or registering an object. Subsequently, the Fresh attribute is modifiable only by the server. For example, a set of symmetric keys belong to the Object Group "SymmetricKeyGroup1" and the Fresh attribute is set to true for the members of the group at the time of creating or registering the symmetric key object. To add a new member to the group, the Object Group attribute is set to "SymmetricKeyGroup1" and the Fresh attribute is set to true when creating or registering the symmetric key object.

The definition of a "default" object in a group is based on server policy. One example of server policy is to use round robin selection to serve a key from a group. In this case, when a client requests a key from the default group, the server uses round robin selection to serve the key.

The Object Group Member flag is specified in the Locate request to indicate the type of group member to return. Object Group Member is an enumeration that can take the value Group Member Fresh or Group Member Default. Following are examples of how the Object Group Member flag is used:

- When a Locate request is made by specifying the Object Group attribute (e.g., "symmetricKeyGroup1") and setting the Object Group Member flag to Group Member Fresh, matching objects from the specified group (e.g., "symmetricKeyGroup1") have the Fresh attribute set to true. If there are no fresh objects remaining in the group, the server may generate a new object on the fly based on server policy.
- When a Locate request is made by specifying the Object Group attribute (e.g., "symmetricKeyGroup2") and setting the Object Group Member flag to Group Member Default, a default object is returned from the group. In this example, the server policy defines default to be the next key in the "symmetricKeyGroup2" group; the group has three members whose Unique Identifiers are uuid1, uuid2, and uuid3. If the client performs four consecutive batched Locate and Get operations with Object Group set to "symmetricKeyGroup2" and Object Group Member set to "Group Member Default" in the Locate request, the server returns uuid1, uuid2, uuid3, and uuid1 (restarting from the beginning with uuid1 for the fourth request) in the four Get responses.

An object may be removed from a group by deleting the Object Group attribute, as long as server policy permits it. A client would need to delete each individual member of a group to remove all members of a group.
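The fresh/default selection policy described above, as an added example that is not code from the KMIP Usage Guide or any KMIP product: a small in-memory server implements the two Object Group Member values of a Locate request. Group Member Fresh returns a member whose Fresh attribute is still true (a Get clears it, and when none is left the server creates a new member, which is one possible server policy), and Group Member Default serves members round robin. Group names, identifiers and the "generate on the fly" policy are constructed for the example.

```python
"""Object Group member selection from 1.35 (added example; not code from
the KMIP Usage Guide).  Group names, identifiers and the generate-on-the-fly
policy are constructed sample values."""
from dataclasses import dataclass
from itertools import count

GROUP_MEMBER_FRESH = "Group Member Fresh"
GROUP_MEMBER_DEFAULT = "Group Member Default"


@dataclass
class ManagedObject:
    unique_identifier: str
    object_group: str
    fresh: bool = True       # client may set this only at Create/Register time


class GroupServer:
    def __init__(self):
        self.objects = {}          # Unique Identifier -> ManagedObject
        self._cursor = {}          # Object Group -> next round-robin index
        self._generated = count(1)

    def register(self, object_group, unique_identifier=None, fresh=True):
        uid = unique_identifier or f"generated-{next(self._generated)}"
        self.objects[uid] = ManagedObject(uid, object_group, fresh)
        return uid

    def _members(self, object_group):
        return [o for o in self.objects.values() if o.object_group == object_group]

    def locate(self, object_group, group_member):
        members = self._members(object_group)
        if group_member == GROUP_MEMBER_FRESH:
            fresh = [o for o in members if o.fresh]
            if fresh:
                return fresh[0].unique_identifier
            # server policy for this example: no fresh member left -> create one
            return self.register(object_group)
        if group_member == GROUP_MEMBER_DEFAULT:
            if not members:
                return None
            i = self._cursor.get(object_group, 0)
            self._cursor[object_group] = (i + 1) % len(members)
            return members[i].unique_identifier
        raise ValueError(f"unknown Object Group Member value: {group_member!r}")

    def get(self, unique_identifier):
        obj = self.objects[unique_identifier]
        obj.fresh = False          # after creation only the server changes Fresh
        return obj

    def locate_and_get(self, object_group, group_member):
        """The batched Locate + Get of the guide's example; returns the served ID."""
        return self.get(self.locate(object_group, group_member)).unique_identifier
```

Running four batched Locate/Get requests against a three-member group with Group Member Default reproduces the uuid1, uuid2, uuid3, uuid1 sequence from the text; with Group Member Fresh each member is served once and the next request triggers the generate-on-the-fly policy.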

1.36 Certify and Re-certify

The key management system may contain multiple embedded CAs or may have access to multiple external CAs. How the server routes a certificate request to a CA is vendor-specific and outside the scope of KMIP. If the server requires and supports the capability for clients to specify the CA to be used for signing a Certificate Request, then this information may be provided by including the X.509 Certificate Issuer attribute in the Certify or Re-certify request.

[KMIP-Spec] supports multiple options for submitting a certificate request to the key management server within a Certify or Re-Certify operation. It is a vendor decision as to whether the key management server offers certification authority (CA) functionality or proxies the certificate request onto a separate CA for processing. The type of certificate request formats supported is also a vendor decision, and this may, in part, be based upon the request formats supported by any CA to which the server proxies the requests.

All certificate request formats for requesting X.509 certificates specified in [KMIP-Spec] (i.e., PKCS#10, PEM and CRMF) provide a means for allowing the CA to verify that the client that created the certificate request possesses the private key corresponding to the public key in the certificate request. This is referred to as Proof-of-Possession (POP). However, it should be noted that in the case of the CRMF format, some CAs may not support the CRMF POP option, but instead rely upon the underlying certificate management protocols (i.e., CMP and CMC) to provide POP. In the case where the CA does not support POP via the CRMF format (including CA functionality within the key management server), an alternative certificate request format (i.e., PKCS#10, PEM) would need to be used if POP needs to be verified.

1.37 Specifying Attributes during a Create Key Pair or Re-key Key Pair

The Create Key Pair and the Re-key Key Pair operations allow clients to specify attributes using the Common Template-Attribute, the Private Key Template-Attribute, and the Public Key Template-Attribute. The Common Template-Attribute object includes a list of attributes that apply to both the public and private key. Attributes that are not common to both keys may be specified using the Private Key Template-Attribute or the Public Key Template-Attribute. If a single-instance attribute is specified in multiple Template-Attribute objects, the server obeys the following order of precedence:

1. Attributes explicitly specified in the Private and Public Key Template-Attribute, then
2. Attributes specified via templates in the Private and Public Key Template-Attribute, then
3. Attributes explicitly specified in the Common Template-Attribute, then
4. Attributes specified via templates in the Common Template-Attribute.

1.37.1 Example of Specifying Attributes during the Create Key Pair Operation

A client specifies several attributes in the Create Key Pair Request Payload. The Common Template-Attribute includes the template name RSACom and other explicitly specified common attributes:

Common Template-Attribute
  Name
    Name Value: RSACom
    Name Type: Uninterpreted Text String
  Attribute
    Attribute Name: Cryptographic Algorithm
    Attribute Value: RSA
  Attribute
    Attribute Name: Cryptographic Length
    Attribute Value: 2048
  Attribute
    Attribute Name: Cryptographic Parameters
    Attribute Value:
      Padding Method: OAEP
  Attribute
    Attribute Name: Cryptographic Parameters
    Attribute Value:
      Padding Method: PKCS1 v1.5
  Attribute
    Attribute Name: x-Serial
    Attribute Value: 1234
  Attribute
    Attribute Name: x-ID
    Attribute Value: 56789
  Attribute
    Attribute Name: Object Group
    Attribute Value: Key encryption group 1

The Private Key Template-Attribute includes a reference to the template name RSAPriv and other explicitly specified private key attributes:

Private Key Template-Attribute
  Name
    Name Value: RSAPriv
    Name Type: Uninterpreted Text String
  Attribute
    Attribute Name: Cryptographic Length
    Attribute Value: 4096
  Attribute
    Attribute Name: Cryptographic Usage Mask
    Attribute Value: Unwrap Key
  Attribute
    Attribute Name: Object Group
    Attribute Value: Key encryption group 2
  Attribute
    Attribute Name: Name
    Attribute Value:
      Name Value: PrivateKey1
      Name Type: Uninterpreted Text String

The Public Key Template-Attribute includes explicitly specified public key attributes:

Public Key Template-Attribute
  Attribute
    Attribute Name: Cryptographic Usage Mask
    Attribute Value: Wrap Key
  Attribute
    Attribute Name: Name
    Attribute Value:
      Name Value: PublicKey1
      Name Type: Uninterpreted Text String

Following the attribute precedence rule, the server creates a 4096-bit RSA key pair. The following client-specified attributes are set:

Private Key
  Cryptographic Algorithm: RSA
  Cryptographic Length: 4096
  Cryptographic Parameters: Padding Method: OAEP
  Cryptographic Parameters: Padding Method: PKCS1 v1.5
  Cryptographic Usage Mask: Unwrap Key
  x-Serial: 1234
  x-ID: 56789
  Object Group: Key encryption group 1
  Object Group: Key encryption group 2
  Name: Name Value: PrivateKey1, Name Type: Uninterpreted Text String

Public Key
  Cryptographic Algorithm: RSA
  Cryptographic Length: 4096
  Cryptographic Parameters: Padding Method: OAEP
  Cryptographic Parameters: Padding Method: PKCS1 v1.5
  Cryptographic Usage Mask: Wrap Key
  x-Serial: 1234
  x-ID: 56789
  Object Group: Key encryption group 1
  Name: Name Value: PublicKey1, Name Type: Uninterpreted Text String
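The precedence rule of 1.37 applied to the request above, as an added example that is not code from the KMIP Usage Guide or any KMIP implementation. Single-instance attributes are resolved in the four-level order the guide gives; multi-instance attributes (Object Group, Cryptographic Parameters, Name) accumulate; Cryptographic Algorithm and Cryptographic Length are kept identical on both keys, as 1.38 notes the server does for a created pair. The guide shows only the names of the RSACom and RSAPriv templates, so their contents here are constructed (and chosen to be overridden, so that levels 2 and 4 are exercised).

```python
"""Template-Attribute precedence for Create Key Pair (added example; not
code from the guide).  Template bodies and the request are constructed."""

MULTI_INSTANCE = {"Cryptographic Parameters", "Object Group", "Name"}
PAIR_WIDE = {"Cryptographic Algorithm", "Cryptographic Length"}


def _sources(template_attribute, templates):
    """Attribute lists of one Template-Attribute, highest precedence first:
    explicitly specified attributes, then the referenced templates."""
    yield template_attribute.get("attributes", [])
    for name in template_attribute.get("templates", []):
        yield templates[name]


def _merge(result, attributes):
    for name, value in attributes:
        if name in MULTI_INSTANCE:
            values = result.setdefault(name, [])
            if value not in values:
                values.append(value)
        else:
            result.setdefault(name, value)   # earlier (higher) source wins


def resolve_key_pair_attributes(common, private, public, templates):
    """Return (private_key_attrs, public_key_attrs) for a Create Key Pair
    request carrying the three Template-Attribute objects."""
    resolved = {}
    for side, ta in (("private", private), ("public", public)):
        attrs = {}
        for source in (*_sources(ta, templates), *_sources(common, templates)):
            _merge(attrs, source)
        resolved[side] = attrs
    # Pair-wide attributes: the most specific client value applies to both keys.
    ordered = [*_sources(private, templates), *_sources(public, templates),
               *_sources(common, templates)]
    for name in PAIR_WIDE:
        for source in ordered:
            hits = [v for n, v in source if n == name]
            if hits:
                resolved["private"][name] = resolved["public"][name] = hits[0]
                break
    return resolved["private"], resolved["public"]


# Constructed request mirroring the guide's example.  Template bodies are assumed.
TEMPLATES = {
    "RSACom": [("Cryptographic Algorithm", "RSA"), ("Cryptographic Length", 1024)],
    "RSAPriv": [("Cryptographic Usage Mask", "Sign")],
}
COMMON = {"templates": ["RSACom"], "attributes": [
    ("Cryptographic Algorithm", "RSA"),
    ("Cryptographic Length", 2048),
    ("Cryptographic Parameters", "Padding Method: OAEP"),
    ("Cryptographic Parameters", "Padding Method: PKCS1 v1.5"),
    ("x-Serial", "1234"),
    ("x-ID", "56789"),
    ("Object Group", "Key encryption group 1"),
]}
PRIVATE = {"templates": ["RSAPriv"], "attributes": [
    ("Cryptographic Length", 4096),
    ("Cryptographic Usage Mask", "Unwrap Key"),
    ("Object Group", "Key encryption group 2"),
    ("Name", "PrivateKey1"),
]}
PUBLIC = {"attributes": [
    ("Cryptographic Usage Mask", "Wrap Key"),
    ("Name", "PublicKey1"),
]}
```

Resolving COMMON, PRIVATE and PUBLIC with these templates yields the two attribute sets listed in the text: the explicit 4096 in the Private Key Template-Attribute beats the common 2048 (and the assumed 1024 in RSACom), the explicit Unwrap Key beats the assumed Sign in RSAPriv, and only the private key carries "Key encryption group 2".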

1.38 Registering a Key Pair

During a Create Key Pair or Re-key Key Pair operation, a Link Attribute is automatically created by the server for each object (i.e., a link is created from the private key to the public key and vice versa). Certain attributes are the same for both objects and are set by the server while creating the key pair. The KMIP protocol does not support an equivalent operation for registering a key pair. Clients are able to register the objects independently and manually set the Link attributes to make the server aware that these keys are associated with each other. When the Link attribute is set for both objects, the server should verify that the registered objects indeed correspond to each other and apply similar restrictions as if the key pair was created on the server.

Clients should perform the following steps when registering a key pair:

1. Register the public key and set all associated attributes:
   a. Cryptographic Algorithm
   b. Cryptographic Length
   c. Cryptographic Usage Mask
2. Register the private key and set all associated attributes:
   a. Cryptographic Algorithm is the same for both public and private key
   b. Cryptographic Length is the same for both public and private key
   c. Cryptographic Parameters may be set; if set, the value is the same for both the public and private key
   d. Cryptographic Usage Mask is set, but does not contain the same value for both the public and private key
   e. Link is set for the Private Key with Link Type Public Key Link and the Linked Object Identifier set to the Identifier of the corresponding Public Key
   f. Link is set for the Public Key with Link Type Private Key Link and the Linked Object Identifier set to the Identifier of the corresponding Private Key

1.39 Non-Cryptographic Objects

The KMIP protocol allows clients to register Secret Data objects. Secret Data objects may include passwords or data that are used to derive keys. KMIP defines Secret Data as cryptographic objects. Even if the object is not used for cryptographic purposes, clients may still set certain attributes, such as the Cryptographic Usage Mask, for this object unless otherwise stated. Similarly, servers set certain attributes for this object, including the State, Digest, and certain Date attributes, even if the attributes may seem relevant only for other types of cryptographic objects.

When registering a Secret Data object, the following attributes are set by the server:

- Unique Identifier
- Object Type
- Digest
- State
- Initial Date
- Last Change Date

When registering a Secret Data object for non-cryptographic purposes, the following attributes are set either by the client or by the server:

- Cryptographic Usage Mask

1.40 Asymmetric Concepts with Symmetric Keys

The Cryptographic Usage Mask attribute is intended to support asymmetric concepts using symmetric keys. This is common practice in established crypto systems: the MAC is an example of an operation where a single symmetric key is used at both ends, but policy dictates that one end may only generate cryptographic tokens using this key (the MAC) and the other end may only verify tokens. The security of the system fails if the verifying end is able to use the key to perform generation operations. In these cases it is not sufficient to describe the usage policy on keys in terms of cryptographic primitives like "encrypt" vs. "decrypt" or "sign" vs. "verify". There are two reasons why this is the case.

- In some of these operations, such as MAC generation and verification, the same cryptographic primitive is used in both of the complementary operations. MAC generation involves computing and returning the MAC, while MAC verification involves computing that same MAC and comparing it to a supplied value to determine if they are the same. Thus, both generation and verification use the "encrypt" operation, and the two usages cannot be distinguished by only considering "encrypt" vs. "decrypt".
- Some operations which require separate key types use the same fundamental cryptographic primitives. For example, encryption of data, encryption of a key, and computation of a MAC all use the fundamental operation "encrypt", but in many applications securely differentiated keys are used for these operations. Simply looking for an attribute that permits "encrypt" is not sufficient.

Allowing the use of these keys outside their specialized purposes may compromise security. Instead, specialized application-level permissions are necessary to control the use of these keys. KMIP provides several such pairs of permissions in the Cryptographic Usage Mask (3.14), such as:

| MAC GENERATE | MAC VERIFY | For MAC operations. Although it is possible to compose certain MACs using a series of cryptographic encrypt calls, the security of the MAC relies on the operation being atomic and specific. |
| GENERATE CRYPTOGRAM | VALIDATE CRYPTOGRAM | For composite cryptogram operations such as the financial CVC or ARQC. To specify exactly which cryptogram the key is used for, it is also necessary to specify a "Cryptographic Parameters" role for the key (see Section 1.21). |
| TRANSLATE ENCRYPT | TRANSLATE DECRYPT | To accommodate secure routing of traffic and financial data. In many areas that rely on symmetric techniques (notably, but not exclusively, financial networks), information is sent from place to place encrypted using shared symmetric keys. When encryption keys are changed, it is desirable for the change to be an atomic operation; otherwise there is a risk of leaking plaintext data during the distinct unwrap-wrap or decrypt-encrypt steps of the translation process. TRANSLATE ENCRYPT/DECRYPT is used for data encipherment. |
| TRANSLATE WRAP | TRANSLATE UNWRAP | TRANSLATE WRAP/UNWRAP is used for key wrapping. |

Table 2: Cryptographic Usage Masks Pairs

In order to support asymmetric concepts using symmetric keys in a KMIP system, the server implementation needs to be able to differentiate between clients for generate operations and clients for verify operations. As indicated by Section 3 ("Attributes") of [KMIP-Spec], there is a single key object in the system to which all relevant clients refer, but when a client requests that key, the server is able to choose which attributes (permissions) to send with it, based on the configured identity and access rights of that specific client. There is, thus, no need to maintain and synchronize distinct copies of the symmetric key – just a need to define an access policy for each client or group of clients. The internal implementation of this feature at the server end is a matter of choice for the vendor: storing multiple key blocks with all necessary combinations of attributes or generating key blocks dynamically are both acceptable approaches.
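The per-client projection described above, as an added example that is not code from the KMIP Usage Guide or any KMIP product: one symmetric key object serves a MAC-generating client and a MAC-verifying client, the server hands each client the key with only the Cryptographic Usage Mask its policy grants, and the client side refuses an operation its mask does not permit. The mask bit values are those of the KMIP Cryptographic Usage Mask enumeration; the client identities, the policy and the key bytes are constructed samples, and HMAC-SHA256 stands in for whatever MAC the application uses.

```python
"""Per-client Cryptographic Usage Mask projection (added example; not code
from the guide).  Client names, policy and key bytes are constructed."""
import hashlib
import hmac

# Cryptographic Usage Mask bit values from the KMIP 1.x specification
SIGN, VERIFY, ENCRYPT, DECRYPT = 0x01, 0x02, 0x04, 0x08
WRAP_KEY, UNWRAP_KEY, EXPORT = 0x10, 0x20, 0x40
MAC_GENERATE, MAC_VERIFY = 0x80, 0x100


class UsageError(Exception):
    """Raised when a client tries an operation its mask does not permit."""


class KeyServer:
    def __init__(self, key_material, policy):
        self._key = key_material      # the single key object all clients refer to
        self._policy = policy         # client identity -> permitted usage mask

    def get(self, client_id):
        """Return the key with the Cryptographic Usage Mask projected for this client."""
        mask = self._policy.get(client_id)
        if mask is None:
            raise PermissionError(f"{client_id} may not retrieve the key")
        return {"Key Material": self._key, "Cryptographic Usage Mask": mask}


def mac_generate(key_obj, data):
    if not key_obj["Cryptographic Usage Mask"] & MAC_GENERATE:
        raise UsageError("MAC GENERATE is not permitted for this key copy")
    return hmac.new(key_obj["Key Material"], data, hashlib.sha256).digest()


def mac_verify(key_obj, data, tag):
    # Verification recomputes the MAC with the same primitive as generation,
    # which is why an "encrypt"-style bit cannot separate the two roles.
    if not key_obj["Cryptographic Usage Mask"] & MAC_VERIFY:
        raise UsageError("MAC VERIFY is not permitted for this key copy")
    expected = hmac.new(key_obj["Key Material"], data, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def demo():
    """Issuer may only generate, acquirer may only verify (constructed policy).
    Returns (genuine tag accepted, tampered message accepted, verifier could generate)."""
    server = KeyServer(bytes.fromhex("000102030405060708090a0b0c0d0e0f"),
                       {"issuer": MAC_GENERATE, "acquirer": MAC_VERIFY})
    message = b"amount=100;currency=EUR"
    tag = mac_generate(server.get("issuer"), message)
    accepted = mac_verify(server.get("acquirer"), message, tag)
    tampered = mac_verify(server.get("acquirer"), b"amount=900;currency=EUR", tag)
    try:
        mac_generate(server.get("acquirer"), message)   # verifier must not mint tags
        verifier_can_generate = True
    except UsageError:
        verifier_can_generate = False
    return accepted, tampered, verifier_can_generate
```

The key material is stored once; only the attribute set differs per client. Whether the server keeps precomputed key blocks per policy or builds them on each Get is invisible to the clients, which matches the vendor choice the text leaves open.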

1.41 Application Specific Information

The Application Specific Information attribute is used to store data that is specific to the application(s) using the object. Some examples of Application Namespace and Application Data pairs are given below:

- SMIME, '[email protected]'
- TLS, 'some.domain.name'
- Volume Identification, '123343434'
- File Name, 'secret.doc'
- Client Generated Key ID, '450994003'

The following Application Namespaces are recommended:

- SMIME
- TLS
- IPSEC
- HTTPS
- PGP
- Volume Identification
- File Name
- LTO4, LTO5 and LTO6
- LIBRARY-LTO, LIBRARY-LTO4, LIBRARY-LTO5 and LIBRARY-LTO6

KMIP provides optional support for server-generated Application Data. Clients may request the server to generate the Application Data for the client by omitting Application Data while setting or modifying the Application Specific Information attribute. A server only generates Application Data if the Application Data is completely omitted from the request, and the client-specified Application Namespace is recognized and supported by the server. An example for requesting the server to generate the Application Data is shown below:

  AddAttribute(Unique ID, AppSpecInfo{AppNameSpace='LIBRARY-LTO4'});

If the server does not recognize the namespace, the "Application Namespace Not Supported" error is returned to the client.

If the Application Data is provided, and the Application Namespace is recognized by the server, the server uses the provided Application Data, and does not generate the Application Data for the client. In the example below, the server stores the Application Specific Information attribute with the Application Data value set to null.

  AddAttribute(Unique ID, AppSpecInfo{AppNameSpace='LIBRARY-LTO4', AppData=null});

1.42 Mutating Attributes

KMIP does not support server mutation of client-supplied attributes. If a server does not accept an attribute value that is being specified inside the request by the client, the server returns an error and specifies "Invalid Field" as Result Reason. Attributes that are not set by the client, but are implicitly set by the server as a result of the operation, may optionally be returned by the server in the operation response inside the Template-Attribute.

If a client sets a time-related attribute to the current date and time (as perceived by the client), but as a result of clock skew the specified date of the attribute is earlier than the time perceived by the server, the server's policy is used to determine whether to accept the attribute as a

"backdated attribute". KMIP does not require the server to fail a request if a backdated attribute is set by the client.

If a server does not support backdated attributes, and cryptographic objects are expected to change state at the current date and time (as perceived by the client), clients are recommended to issue the operation that would implicitly set the date for the client. For example, instead of explicitly setting the Activation Date, clients could issue the Activate operation. This would require the server to set the Activation Date to the current date and time as perceived by the server.

If it is not possible to set a date attribute via an operation, and the server does not support backdated attributes, clients need to take into account that potential issues with clock skew may cause the server to return an error even if a date attribute is set to the client's current date and time. For additional information, refer to the sections describing the State attribute and the Time Stamp field in [KMIP-Spec].

1.43 Revocation Reason Codes

The enumerations for the Revocation Reason attribute specified in [KMIP-Spec] (see table 9.1.3.2.19 in [KMIP-Spec]) are aligned with the Reason Code specified in [RFC5280] and the reason codes referenced in [RFC3647] and [X.509], with the following exceptions. The certificateHold reason code has been excluded from [KMIP-Spec] since KMIP does not support certificate suspension (putting a certificate on hold) or certificate unsuspension (removing a certificate from hold). The removeFromCRL reason code is included in [KMIP-Spec] since it may be used for either attribute or public key certificates; in the context of its use within KMIP it is assumed to apply only to public key certificates. The privilegeWithdrawn and aaCompromise reason codes have been excluded since they apply only to attribute certificates, which are out-of-scope for KMIP.

1.44 Certificate Renewal, Update, and Re-key

The process of generating a new certificate to replace an existing certificate may be referred to by multiple terms, based upon what data within the certificate is changed when the new certificate is created. In all situations, the new certificate includes a new serial number and new certificate validity dates. [KMIP-Spec] uses the following terminology, which is aligned with the definitions found in IETF [RFC4949]:

- Certificate Renewal: The issuance of a new certificate to the subject without changing the subject or other information in the certificate (except the serial number and certificate validity dates).
- Certificate Update: The issuance of a new certificate, due to changes in the information in the certificate other than the subject public key.
- Certificate Rekey: The generation of a new key pair for the subject and the issuance of a new certificate that certifies the new public key.

The KMIP Specification supports certificate renewals using the Re-Certify operation and certificate updates using the Certify operation. Certificate rekey is supported through the submission of a Re-key Key Pair operation, which generates a (new) replacement key pair, followed by a Certify operation, which issues a new certificate containing the replacement (new) public key.

1.45 Key Encoding

Two parties receiving the same key as a Key Value Byte String make use of the key in exactly the same way in order to interoperate. To ensure that, it is necessary to define a correspondence between the abstract syntax of Key and the notation in the standard algorithm description that defines how the key is used. The next sections establish that correspondence for the algorithms AES [FIPS 197] and Triple-DES [SP800-67].

1.45.1 AES Key Encoding

[FIPS 197] section 5.2, titled Key Expansion, uses the input key as an array of bytes indexed starting at 0. The first byte of Key becomes the key byte that is labeled index 0 in AES and the other bytes follow in key index order. Proper parsing and key load of the contents of Key for AES is determined by using the following Key byte string to generate and match the key expansion test vectors in [FIPS 197] Appendix A for the 128-bit (16 byte) AES Cipher Key: 2B 7E 15 16 28 AE D2 A6 AB F7 15 88 09 CF 4F 3C.

1.45.2 Triple-DES Key Encoding

A Triple-DES key consists of three keys for the cryptographic engine (Key1, Key2, and Key3) that are each 64 bits (even though only 56 are used); the three keys are also referred to as a key bundle (KEY) [SP800-67]. A key bundle may employ either two or three mutually independent keys. When only two are employed (called two-key Triple-DES), then Key1 = Key3.

Each Triple-DES key in a key bundle is expanded into a key schedule according to a procedure defined in [SP800-67] Appendix A. That procedure numbers the bits in the key from 1 to 64, with number 1 being the leftmost, or most significant, bit. The first byte of Key is bits 1 through 8 of Key1, with bit 1 being the most significant bit. The second byte of Key is bits 9 through 16 of Key1, and so forth, so that the last byte of the KEY is bits 57 through 64 of Key3 (or of Key1 for two-key Triple-DES). Proper parsing and key load of the contents of Key for Triple-DES is determined by using the following Key byte string to generate and match the key expansion test vectors in [SP800-67] Appendix B for the key bundle:

  Key1 = 0123456789ABCDEF
  Key2 = 23456789ABCDEF01
  Key3 = 456789ABCDEF0123
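The two interoperability checks of 1.45 carried out in code, as an added example that is not code from the KMIP Usage Guide or from FIPS 197 / SP 800-67 themselves: the AES-128 key expansion of FIPS 197 section 5.2 is run over the Key byte string quoted above and compared with the Appendix A.1 round-key words, and a Triple-DES Key byte string is split into Key1, Key2 and Key3 with the SP 800-67 bit numbering and odd-parity rule applied. The S-box is derived arithmetically rather than tabulated. Accepting a 16-byte two-key bundle (Key3 taken equal to Key1) is an assumption of this example; the guide only describes the 24-byte form.

```python
"""AES and Triple-DES Key byte-string checks for 1.45 (added example; not
code from the guide).  The 16-byte two-key Triple-DES form is assumed."""


def _gf_mul(a, b):
    """Multiply in GF(2^8) with the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def _make_sbox():
    """AES S-box: multiplicative inverse followed by the affine map (FIPS 197 5.1.1)."""
    sbox = []
    for x in range(256):
        inv = 0
        if x:
            inv = 1
            for _ in range(254):          # x^254 == x^-1 in GF(2^8)
                inv = _gf_mul(inv, x)
        s, y = inv, inv
        for _ in range(4):                # s ^= rotl(inv, 1..4)
            y = ((y << 1) | (y >> 7)) & 0xFF
            s ^= y
        sbox.append(s ^ 0x63)
    return sbox


SBOX = _make_sbox()
RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]


def aes128_key_expansion(key):
    """Return the 44 expanded words w[0..43]; w[0..3] are the Key bytes in
    index order, which is exactly the correspondence 1.45.1 requires."""
    if len(key) != 16:
        raise ValueError("AES-128 Key must be 16 bytes")
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    for i in range(4, 44):
        temp = list(w[i - 1])
        if i % 4 == 0:
            temp = temp[1:] + temp[:1]            # RotWord
            temp = [SBOX[b] for b in temp]        # SubWord
            temp[0] ^= RCON[i // 4 - 1]           # Rcon
        w.append([w[i - 4][j] ^ temp[j] for j in range(4)])
    return [bytes(x) for x in w]


def parse_tdes_bundle(key):
    """Split a Triple-DES Key byte string into (Key1, Key2, Key3)."""
    if len(key) == 24:
        k1, k2, k3 = key[:8], key[8:16], key[16:]
    elif len(key) == 16:                          # assumed compact two-key form
        k1, k2 = key[:8], key[8:]
        k3 = k1                                   # two-key Triple-DES: Key1 = Key3
    else:
        raise ValueError("Triple-DES Key must be 16 or 24 bytes")
    for k in (k1, k2, k3):
        if any(bin(b).count("1") % 2 == 0 for b in k):
            raise ValueError("DES key byte without odd parity")
    if k1 == k2 or k2 == k3:                      # would degenerate to single DES
        raise ValueError("Key2 must differ from Key1 and Key3")
    return k1, k2, k3


def key_bit(key, n):
    """Bit n of a DES key in SP 800-67 numbering (bit 1 = MSB of the first byte)."""
    return (key[(n - 1) // 8] >> (7 - (n - 1) % 8)) & 1


# Constructed inputs: the two test keys quoted in the guide.
AES_KEY = bytes.fromhex("2B7E151628AED2A6ABF7158809CF4F3C")
TDES_KEY = bytes.fromhex("0123456789ABCDEF" "23456789ABCDEF01" "456789ABCDEF0123")
```

With the quoted AES key, w[4] must come out as a0 fa fe 17 and w[43] as b6 63 0c a6, the first and last derived words of the FIPS 197 Appendix A.1 listing; an implementation that loads the Key byte string in any other byte order produces different round keys and will not interoperate even though it "works" against itself.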

[Type the document title] 1277 1276 1275 1274 1273 1272 1271 1270 1269 1268 1267 1266 1265 1264 1263 1262 1261 1260 1259 1258 1257 1256 1293 1292 1291 1290 1289 1288 1287 1286 1285 1284 1283 1282 1281 1280 1279 1278 185 184 188 187 186 The privateis RSA comprised key of modulus a (n),the exponent public the (e), private exponent keythe material. it alsoincludes the length the of exponent and (e) the overhead of the ASN.1) (e.g., encoding of (n)modulus only. the So fulllength of the key public RSA is actuallylonger than 2048 bits, since indicates that the public RSA is 2048bits key in length athat is reference the to bit lengththe of The public RSA is comprised key of modulus a and(n) an (public) (e). exponent When one key. value. This maypoint be looking illustrated by theat components a of public RSA privateand mathematical values comprising publicthe or the keyprivate is longerthan the referenced theportions of mathematical values that comprise the key. The actuallength of all the asymmetric (publicor private) may be key misleading,since thislength only certain to refers The value 2048bits) (e.g., referred in to the KMIP 1.47 for one purpose. NIST (e.g., 4] Thisalgorithm. approachkeeps KMIP thein line with reference standards NIST (e.g., chosen specify to separate key formats forrepresenting the asymmetric key pair foruse in each Even thoughsingle a pair key be may used in multiplealgorithms, the Specification KMIP has pair forkey algorithm each type. Inalgorithms. addition, there overlaps are in theformat key used represent to the asymmetric equivalents ECDSA and that ECDH allow asymmetric the same key pair be to in bothused kmip-ug-v1.2-cnprd02 simply pick first protocolthe that version is returned the by server, assuming that the client “Operation Supported”error.Not server KMIP a 1.0 and serverthe not does the support operation, the returns server the and mayservers therefore support not thisoperation. 
1.48 Discover Versions

The Discover Versions operation allows clients and servers to identify a KMIP protocol version that both client and server understand. The operation was added to KMIP 1.1. KMIP 1.0 clients and servers may therefore not support this operation. If the Discover Versions request is sent to a KMIP 1.0 server and the server does not support the operation, the server returns the "Operation Not Supported" error.

The operation addresses both the "dumb" and "smart" client scenarios. Dumb clients may simply pick the first protocol version that is returned by the server, assuming that the server provides the client with a list of supported protocol versions. Smart clients may request the server to return a complete list of supported protocol versions by sending an empty request payload and picking a protocol version that is supported by both client and server.

Clients specify the protocol version in the request header and optionally provide a list of protocol versions in the request payload. If the protocol version in the request header is not specified in the request payload and the server does not support any protocol version specified in the request payload, the server returns an empty list in the response payload. In this scenario, clients are aware that the request did not result in an error and could communicate with the server using the protocol version specified in the request header.
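The exchange described above, as an added example that is not part of the Usage Guide: a simplified server implementing Discover Versions (messages are dictionaries rather than TTLV, versions are (major, minor) tuples), a dumb client that takes the first version listed, a smart client that picks the highest common version from the full list, and the empty-list case where the client carries on with its header version. Which versions the server supports and the result reason strings are assumptions of the example.

```python
"""Added example, not from the KMIP Usage Guide: Discover Versions negotiation
with the "dumb" and "smart" client strategies. Message structures are plain
dictionaries; versions are (major, minor) tuples."""

OPERATION_NOT_SUPPORTED = "Operation Not Supported"


class Server:
    def __init__(self, supported):
        # Versions this server implements, highest first.
        self.supported = sorted(set(supported), reverse=True)

    def discover_versions(self, request):
        """request = {"header": {"protocol_version": (M, m)}, "payload": [(M, m), ...]}"""
        if max(self.supported) < (1, 1):
            # Discover Versions only exists from KMIP 1.1 onwards.
            return {"result": "Failure", "reason": OPERATION_NO_SUPPORTED} if False else \
                   {"result": "Failure", "reason": OPERATION_NOT_SUPPORTED}
        wanted = request.get("payload") or []
        if not wanted:
            # Empty payload: the full list, highest first.
            return {"result": "Success", "payload": list(self.supported)}
        # Only versions both sides support. An empty list is not an error; the
        # client may continue with the version from its request header.
        return {"result": "Success", "payload": [v for v in self.supported if v in wanted]}


def dumb_client_pick(server, header_version):
    """Takes the first version the server lists, trusting the server's ordering."""
    resp = server.discover_versions({"header": {"protocol_version": header_version}, "payload": []})
    if resp["result"] != "Success":
        return header_version          # pre-1.1 server: stay with what the request used
    return resp["payload"][0]


def smart_client_pick(server, header_version, client_versions):
    """Asks for the full list and picks the highest version both sides support."""
    resp = server.discover_versions({"header": {"protocol_version": header_version}, "payload": []})
    if resp["result"] != "Success":
        return header_version
    common = [v for v in resp["payload"] if v in client_versions]
    return common[0] if common else None


def negotiate_with_hint(server, header_version, client_versions):
    """Sends the client's own list in the payload; an empty answer means no
    error was raised and the client keeps using the header version."""
    resp = server.discover_versions({"header": {"protocol_version": header_version},
                                     "payload": sorted(client_versions, reverse=True)})
    if resp["result"] != "Success":
        return header_version
    return resp["payload"][0] if resp["payload"] else header_version
```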

1.49 Vendor Extensions

KMIP allows for vendor extensions in a number of areas:

1. Item Tag values of the form 0x54xxxx are reserved for vendor extensions
2. Enumerations have specific ranges which are noted as extensions
3. Attributes may be defined by the client with a "x-" prefix or by the server with a "y-" prefix

Extensions may be used by vendors to communicate information between a KMIP client and a KMIP server that is not currently defined within the KMIP specification. A common use of extensions is to allow for the structured definition of attributes using KMIP TTLV encoding rather than vendor specific encoding in opaque byte strings.

1.50 Certificate Revocation Lists

Any Certificate Revocation List (CRL) checking which may be required for certificate-related operations such as register and re-key should be performed by the client prior to requesting the operation from a server.

1.51 Using the "Raw" Key Format Type

As defined in Section 2.1.3 of the KMIP Specification V1.1, the "raw" key format is intended to be used for "a key that contains only cryptographic key material, encoded as a string of bytes." The "raw" key format supports situations such as "non-KMIP-aware end-clients are aware how wrapped cryptographic objects (possibly raw keys from the KMIP server) should be used without having to rely on the attributes provided by the GetAttributes operation" and in that regard is similar to the Opaque key format type. The "raw" key format is intended to be applied to symmetric keys and not therefore asymmetric keys; this format is not specified in the asymmetric key profiles included in KMIP V1.1.

1.52 Use of Meta-Data Only (MDO) Keys

Meta-Data Only (MDO) keys are those Managed Key Objects for which no Key Value is present, as introduced in version 1.2 of [KMIP-Spec]. MDO objects can be one of the following: Symmetric Keys, Private Keys, Split Keys, or Secret Data.
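As an added example (not code from the Usage Guide or from any KMIP implementation), the following encodes a client-defined "x-" attribute as a TTLV Attribute structure and a vendor item with a tag in the reserved 0x54xxxx range, and parses them back. The tag and type constants are the ones defined by the KMIP specification; the attribute name, the value and the vendor tag are constructed for the example.

```python
"""Added example, not from the KMIP Usage Guide: a client-defined "x-"
attribute and a vendor-specific item encoded as KMIP TTLV (Tag, Type, Length,
Value), so the extension stays structured instead of being hidden in an
opaque byte string. The tag/type constants are from the KMIP specification;
the names and values used are constructed."""
import struct

TAG_ATTRIBUTE, TAG_ATTRIBUTE_NAME, TAG_ATTRIBUTE_VALUE = 0x420008, 0x42000A, 0x42000B
TYPE_STRUCTURE, TYPE_INTEGER, TYPE_TEXT_STRING = 0x01, 0x02, 0x07


def is_vendor_extension_tag(tag: int) -> bool:
    """Item tags 0x540000..0x54FFFF are reserved for vendor extensions."""
    return 0x540000 <= tag <= 0x54FFFF


def _item(tag: int, item_type: int, value: bytes) -> bytes:
    """3-byte tag, 1-byte type, 4-byte big-endian length, value padded to 8."""
    padding = b"\x00" * (-len(value) % 8)
    return (tag.to_bytes(3, "big") + bytes([item_type])
            + struct.pack(">I", len(value)) + value + padding)


def encode_integer(tag: int, value: int) -> bytes:
    return _item(tag, TYPE_INTEGER, struct.pack(">i", value))


def encode_text(tag: int, text: str) -> bytes:
    return _item(tag, TYPE_TEXT_STRING, text.encode("utf-8"))


def encode_structure(tag: int, members) -> bytes:
    return _item(tag, TYPE_STRUCTURE, b"".join(members))


def encode_custom_attribute(name: str, value, origin: str) -> bytes:
    """Attribute { Attribute Name, Attribute Value }. Client-defined names
    carry the "x-" prefix, server-defined names the "y-" prefix."""
    prefix = {"client": "x-", "server": "y-"}[origin]
    if not name.startswith(prefix):
        raise ValueError(f"{origin}-defined attribute name must start with {prefix!r}")
    if isinstance(value, bool) or not isinstance(value, int):
        value_item = encode_text(TAG_ATTRIBUTE_VALUE, str(value))
    else:
        value_item = encode_integer(TAG_ATTRIBUTE_VALUE, value)
    return encode_structure(TAG_ATTRIBUTE, [encode_text(TAG_ATTRIBUTE_NAME, name), value_item])


def encode_vendor_item(tag: int, value: int) -> bytes:
    """A vendor-private integer item; the tag must be in the reserved range."""
    if not is_vendor_extension_tag(tag):
        raise ValueError("tag is outside the vendor extension range")
    return encode_integer(tag, value)


def decode(buf: bytes, start: int = 0, end=None) -> list:
    """Parse TTLV items into (tag, type, value) tuples; structures nest."""
    end = len(buf) if end is None else end
    items, pos = [], start
    while pos < end:
        if end - pos < 8:
            raise ValueError("truncated TTLV header")
        tag = int.from_bytes(buf[pos:pos + 3], "big")
        item_type = buf[pos + 3]
        length = struct.unpack(">I", buf[pos + 4:pos + 8])[0]
        body_start, body_end = pos + 8, pos + 8 + length
        if body_end > end:
            raise ValueError("TTLV length exceeds buffer")
        raw = buf[body_start:body_end]
        if item_type == TYPE_STRUCTURE:
            value = decode(buf, body_start, body_end)
        elif item_type == TYPE_INTEGER:
            value = struct.unpack(">i", raw)[0]
        elif item_type == TYPE_TEXT_STRING:
            value = raw.decode("utf-8")
        else:
            value = raw                      # other types left as raw bytes
        items.append((tag, item_type, value))
        pos = body_end + (-length % 8)       # skip padding to the 8-byte boundary
    return items
```

A receiver that does not know the "x-app-owner" attribute can still walk the structure, because the tags, types and lengths are standard; only the meaning of the value is vendor-specific.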

This may be the result of a KMIP client wanting to only register information (Meta-Data) about the key with a Key Management System, without having the key itself leave the client's physical boundary. One such example could be for keys created and stored within a Hardware Security Module (HSM), with a policy that does not allow for the keys to leave its hardware. In such cases, the KMIP client will not include a Key Value within the Key Block during a Register operation, although it may optionally include a Key Value Location attribute indicating the location of the Key Value instead. For such keys, as part of the Register operation, the server will create a Key Value Present attribute and set it to false to indicate the key value is not stored on the server.

The KMIP protocol does not support the addition of a Key Value to an existing MDO key object on the server. If for some reason the client wanted to do this, it would have to carry out another Register operation and create a new managed object with the Key Value.

Finally, because there is no Key Value associated with an MDO key on the server, the KMIP operations Re-key, Re-key Key Pair and Derive Key cannot be carried out on an MDO key object. An attempt to do so will return an appropriate error as specified in the Error Handling section of [KMIP-Spec].

1.53 Cryptographic Services

KMIP supports creation and registration of managed objects and retrieval of managed objects in both plaintext and optionally wrapped with another managed object. KMIP also includes support for a subset of the operations necessary for certificate management (certifying certificate requests and validating certificate hierarchies). KMIP 1.2 adds support for cryptographic services in the form of client-to-server operations using managed objects for encryption, decryption, signature generation, signature verification, MAC generation, MAC verification, random number generation, and general hashing. KMIP defines a range of Hash-based and MAC-based key derivation options.

There are certain situations in which having the capability for a KMIP client to request cryptographic operations from a KMIP server is beneficial in terms of simplifying the client implementation, strengthening the integration between the key management and cryptographic operations, or improving the overall security of a solution.

This support for cryptographic services is similar to the approach taken for certificates in KMIP. The protocol supports a base set of operations on certificates that enable a key manager to act as a proxy for a Certification Authority or in fact operate as a Certification Authority in the contexts where that is appropriate. A KMIP server supporting cryptographic services may be acting as a proxy for another cryptographic device or operating in fact as a cryptographic device in the contexts where that is appropriate.

KMIP clients and servers using KMIP cryptographic operations should be mindful of selecting a level of protection for the communication channel (the TLS connection) that provides sufficient protection of the plaintext data included in cryptographic operations and is commensurate with the security strength of the operation. There is no requirement for the KMIP server to enforce a level of protection.

Similarly, policy regarding accepting random from a client to a KMIP server (see section 1.7 regarding key selection policy) should reflect the level of confidence that a server has in a particular client or all clients. Issues in the quality or integrity of random provided in RNG Seed can affect nonce creation, IV generation, TLS session key creation, and the random delivered to clients with the RNG Retrieve Operation. KMIP, as a protocol, does not itself enforce restrictions on the quality or nature of the random provided by a client in RNG Seed. A server that supports the RNG Retrieve and RNG Seed operations may have a single RNG for the server, which is shared in an unspecified manner by KMIP clients, or a separate KMIP RNG for each KMIP client. There is no requirement for the KMIP server to implement any specific RNG model.

1.54 Passing Attestation Data

In some scenarios the server may want assurance of the integrity of the client's system before honoring a client's request. Additionally, the server may want a guarantee of the freshness of the attestation computation in the integrity measurement.

Generally, the process takes four passes:

1. The client sends a request to the server which requires attestation.
2. The server returns a random nonce to the client that will be used in the attestation computation to guarantee the freshness of the measurement.
3. The client sends a request to the server which includes the measurement of the client's system, and the measurement contains the nonce from the server.
4. The server verifies the measurement and sends the appropriate response to the client.

Passing attestation data with a client request can be achieved in KMIP as follows:

1. The client sends a request to the server with the Attestation Capable Indicator set to True in the request header. If the request requires attestation, the server will return an "Attestation Required" error in the response with a Nonce object in the header. {If the client request fails for any reason other than "Attestation Required", the server will not include a nonce in the error message.}
2. The client uses the nonce received from the server in the attestation computation that will be used in the measurement.
3. The client forms an Attestation Credential Object which contains either the measurement from the client or an assertion from a third party if the server is not capable or not willing to verify the attestation data from the client. The client then issues a request which contains the Attestation Credential Object in the request header.
4. The server validates the measurement or assertion data in the Credential Object, checks that the nonce matches a recently issued one, and sends the appropriate response to the client. {If the nonce in the Credential Object matches the one sent recently by the server, then the server sends the appropriate response to complete the request issued by the client. If the measurement or assertion data in the Credential Object does not validate or if the nonce does not match one sent recently by the server, the server will return an "Attestation Failed" error instead of completing the request issued by the client.}

The server needs to be capable of processing and verifying multiple Credential Objects in the same request header since Attestation Credentials do not provide the same type of authentication as the Username and Password or Device Credential.

How frequently (e.g. every request, every 100 requests, etc.) the server generates a new random nonce depends on server policy. The lifetime of the nonce once the server has sent it to the client (i.e., the timeframe in which the client must return the nonce before the client needs to request a fresh nonce from the server) also depends on server policy.

If the client sends a request that requires attestation but the client has not set the Attestation Capable Indicator to True, then the server will send a "Permission Denied" error and will not include a Nonce object in the response header.
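The four-pass exchange above, with both sides' messages, as an added example that is not part of the Usage Guide. The server enforces the rules the section states: no nonce without the Attestation Capable Indicator (Permission Denied instead), a nonce that is single-use and expires after a policy-defined lifetime, and Attestation Failed when the nonce or measurement does not check out. Real deployments would verify a TPM quote or a third-party assertion; this example's measurement is an HMAC over the nonce and a PCR-style digest with a key the server already trusts for the client, which is an assumption made purely to keep the example self-contained. Message shapes, the set of operations that require attestation and the clock injection are also example choices.

```python
"""Added example, not from the KMIP Usage Guide: nonce-based attestation
exchange with the server-side checks (capability flag, nonce freshness,
single use, measurement verification). The measurement is an HMAC with a
pre-shared key, standing in for a TPM quote (assumption for the example)."""
import hashlib
import hmac
import secrets
import time

ATTESTATION_REQUIRED = "Attestation Required"
ATTESTATION_FAILED = "Attestation Failed"
PERMISSION_DENIED = "Permission Denied"


def compute_measurement(key: bytes, nonce_value: bytes, pcr_digest: bytes) -> bytes:
    """Freshness comes from binding the server's nonce into the measurement."""
    return hmac.new(key, nonce_value + pcr_digest, hashlib.sha256).digest()


class Server:
    def __init__(self, attestation_key: bytes, nonce_lifetime: float = 60.0, clock=time.time):
        self.attestation_key = attestation_key
        self.nonce_lifetime, self.clock = nonce_lifetime, clock
        self.outstanding = {}                     # Nonce ID -> (Nonce Value, issued_at)
        self.attested_ops = {"Get", "Destroy"}    # server policy (assumed for the example)

    def _issue_nonce(self) -> dict:
        nonce_id, nonce_value = secrets.token_bytes(8), secrets.token_bytes(32)
        self.outstanding[nonce_id] = (nonce_value, self.clock())
        return {"Nonce ID": nonce_id, "Nonce Value": nonce_value}

    def handle(self, request: dict) -> dict:
        header, op = request["header"], request["operation"]
        if op not in self.attested_ops:
            return {"result": "Success", "operation": op}
        credential = header.get("Attestation Credential")
        if credential is None:
            if not header.get("Attestation Capable Indicator"):
                return {"result": "Failure", "reason": PERMISSION_DENIED}   # no nonce issued
            return {"result": "Failure", "reason": ATTESTATION_REQUIRED,
                    "Nonce": self._issue_nonce()}
        if self._credential_valid(credential):
            return {"result": "Success", "operation": op}
        return {"result": "Failure", "reason": ATTESTATION_FAILED}

    def _credential_valid(self, cred: dict) -> bool:
        entry = self.outstanding.pop(cred["Nonce ID"], None)    # each nonce is used once
        if entry is None:
            return False
        nonce_value, issued_at = entry
        if self.clock() - issued_at > self.nonce_lifetime:      # stale nonce: ask again
            return False
        if not hmac.compare_digest(nonce_value, cred["Nonce Value"]):
            return False
        expected = compute_measurement(self.attestation_key, nonce_value, cred["PCR Digest"])
        return hmac.compare_digest(expected, cred["Attestation Measurement"])


def client_attested_request(server, attestation_key, pcr_digest, operation, unique_id):
    """Runs the exchange from the client side and returns the final response."""
    base = {"operation": operation, "unique_identifier": unique_id,
            "header": {"Attestation Capable Indicator": True}}
    first = server.handle(base)
    if first.get("reason") != ATTESTATION_REQUIRED:
        return first                               # nothing to attest, or a different error
    nonce = first["Nonce"]
    credential = {
        "Nonce ID": nonce["Nonce ID"], "Nonce Value": nonce["Nonce Value"],
        "PCR Digest": pcr_digest,
        "Attestation Measurement": compute_measurement(
            attestation_key, nonce["Nonce Value"], pcr_digest),
    }
    header = dict(base["header"])
    header["Attestation Credential"] = credential
    return server.handle(dict(base, header=header))
```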

1.55 Split Key

KMIP v1.0 and KMIP v1.1 allow a client to register a Split Key that was created or otherwise obtained by the client, but offer no operations to request a Split Key be generated or a split key recombined by the server. The Create Split Key operation and Join Split Key operation are added to KMIP v1.2 to provide a more complete set of functionality.

To request the server generate a split key, the client sends a Create Split Key request that includes the Split Key parameters (Split Key Parts, Split Key Threshold, Split Key Method) and desired key attributes (e.g. Object Type, Cryptographic Length). If the client supplies the Unique Identifier of an existing base key in the Create Split Key request, the server will use the supplied key in the key splitting operation instead of generating a new one. The server will respond with a list of Unique Identifiers for the newly created Split Keys.

The client may want to add link attributes to more easily locate the complete set of related Split Keys, as follows. The client adds a Previous Link from the Split Key with Key Part Identifier K to the Split Key with Key Part Identifier K-1 and a Next Link from the Split Key with Key Part Identifier K to the Split Key with Key Part Identifier K+1. Denoting the value of Split Key Parts by N, the client adds a Previous Link from the Split Key with Key Part Identifier 1 to the Split Key with Key Part Identifier N and a Next Link from the Split Key with Key Part Identifier N to the Split Key with Key Part Identifier 1. If the client supplied the Unique Identifier of an existing base key in the Create Split Key request, the client may want to add a Parent Link attribute from each newly generated Split Key to the base key that was supplied in the Create Split Key request.

To request the server recombine a set of split keys, the client sends a Join Split Key request that includes the type of object to be returned (e.g. Symmetric Key, Private Key, or Secret Data) and a list of the Unique Identifiers of the Split Keys to be combined. The number of Unique Identifiers in the request needs to be at least the value of the Split Key Threshold to ensure the server will be able to combine the keys according to the Split Key Method. The server will respond with the Unique Identifier of the key obtained by combining the provided Split Keys.

1.56 Compromised Objects

A Cryptographic Object or Opaque Object may be compromised for a variety of reasons. In KMIP, a client indicates to the server that a Cryptographic Object is to be considered compromised by performing a Revoke Operation with a Revocation Reason of Key Compromise or CA Compromise. The KMIP client must provide a Compromise Occurrence Date (if it is unable to estimate when the compromise occurred then it should provide a Compromise Occurrence Date equal to the Initial Date).

The KMIP specification places no requirements on a KMIP server to perform any action on a Managed Object that references (i.e., via Link attributes) a Cryptographic Object or Opaque Object on which a client has performed a Revoke operation with a Revocation Reason of Key Compromise or CA Compromise. However, KMIP users should be aware that there may be security relevant implications in continuing to use a Managed Cryptographic Object in the following circumstances:

- For a compromised Private Key, the linked Public Key and/or Certificate;
- For a compromised Public Key, the linked Private Key and/or Certificate;
- For a compromised Derived Key, the linked derived key and/or Secret Data Object.

In these circumstances, it is the responsibility of the client either to check the state of the referenced Managed Object or also to perform a Revoke operation on the referenced Managed Object.
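What a server computes for Create Split Key and Join Split Key, with the Previous/Next/Parent Link bookkeeping the Split Key section describes, as an added example that is not part of the Usage Guide. It implements two of the KMIP Split Key Methods, XOR (where the threshold must equal the number of parts) and Polynomial Sharing Prime Field (Shamir sharing), and rejects a Join with fewer distinct parts than the Split Key Threshold. The field prime, the local identifier scheme and the dataclass layout are this example's choices, not anything the guide or the specification fixes.

```python
"""Added example, not from the KMIP Usage Guide: Create Split Key / Join
Split Key for the XOR and Polynomial Sharing Prime Field methods, including
the circular Previous/Next links and the Parent link to a base key.
The field prime and identifier scheme are choices made for this example."""
import secrets
from dataclasses import dataclass, field

PRIME = 2 ** 521 - 1     # Mersenne prime; room for key material up to 512 bits


@dataclass
class SplitKey:
    unique_identifier: str
    key_part_identifier: int
    split_key_parts: int
    split_key_threshold: int
    split_key_method: str
    key_material: int
    links: dict = field(default_factory=dict)


def _poly_eval(coeffs, x):
    acc = 0
    for c in reversed(coeffs):          # Horner's rule in the prime field
        acc = (acc * x + c) % PRIME
    return acc


def create_split_key(secret: bytes, parts: int, threshold: int, method: str,
                     base_key_id=None, id_prefix="split-") -> list:
    if not 1 <= threshold <= parts:
        raise ValueError("Split Key Threshold must be between 1 and Split Key Parts")
    value = int.from_bytes(secret, "big")
    if method == "XOR":
        if threshold != parts:
            raise ValueError("XOR sharing needs every part to recombine")
        shares = [secrets.randbits(len(secret) * 8) for _ in range(parts - 1)]
        last = value
        for s in shares:
            last ^= s
        shares.append(last)             # the last part makes the XOR of all parts equal the secret
    elif method == "Polynomial Sharing Prime Field":
        if value >= PRIME:
            raise ValueError("key material too large for the field")
        coeffs = [value] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
        shares = [_poly_eval(coeffs, x) for x in range(1, parts + 1)]
    else:
        raise ValueError(f"unsupported Split Key Method {method!r}")
    objects = [SplitKey(f"{id_prefix}{i}", i, parts, threshold, method, y)
               for i, y in enumerate(shares, start=1)]
    for obj in objects:
        k = obj.key_part_identifier     # part 1 links back to part N, part N forward to part 1
        obj.links["Previous Link"] = objects[(k - 2) % parts].unique_identifier
        obj.links["Next Link"] = objects[k % parts].unique_identifier
        if base_key_id is not None:
            obj.links["Parent Link"] = base_key_id
    return objects


def join_split_key(shares: list, key_length: int) -> bytes:
    first = shares[0]
    params = (first.split_key_method, first.split_key_parts, first.split_key_threshold)
    if any((s.split_key_method, s.split_key_parts, s.split_key_threshold) != params for s in shares):
        raise ValueError("shares come from different Split Key objects")
    if len({s.key_part_identifier for s in shares}) < first.split_key_threshold:
        raise ValueError("fewer distinct parts than Split Key Threshold")
    if first.split_key_method == "XOR":
        value = 0
        for s in shares:
            value ^= s.key_material
    else:                               # Lagrange interpolation at x = 0
        value = 0
        for i in shares:
            num, den = 1, 1
            for j in shares:
                if j is not i:
                    num = num * (-j.key_part_identifier) % PRIME
                    den = den * (i.key_part_identifier - j.key_part_identifier) % PRIME
            value = (value + i.key_material * num * pow(den, -1, PRIME)) % PRIME
    return value.to_bytes(key_length, "big")
```

The threshold check is the server-side counterpart of the guide's requirement that the Join request carry at least Split Key Threshold identifiers; with fewer parts the interpolation would return a wrong value silently, so failing early is the safer behaviour.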

1.57 Elliptic Curve Cryptography (ECC) Algorithm Mapping

The KMIP Specification [KMIP-Spec] (see section 9.1.3.2.5) specifies a number of ECC algorithms. These algorithms are defined in [FIPS 186-4], [X9.62], [SEC2] or [ECC-Brainpool] ([RFC5639]). However, KMIP users should be aware that there may be multiple source documents and, in some cases, the same algorithm is known by multiple names since the algorithm is defined in multiple documents. The following table provides a mapping of the ECC algorithms specified in the KMIP specification to the KMIP enumeration, the Object Identifier (OID) and the multiple names (synonyms) for the ECC algorithms.

Algorithm Name      KMIP Enumeration Value   OID                      Algorithm Synonym(s)
P-192               00000001                 1.2.840.10045.3.1.1      ANSIX9P192V1, SECP192R1
K-163               00000002                 1.3.132.0.1              SECT163K1
B-163               00000003                 1.3.132.0.15             SECT163R2
P-224               00000004                 1.3.132.0.33             SECP224R1
K-233               00000005                 1.3.132.0.26             SECT233K1
B-233               00000006                 1.3.132.0.27             SECT233R1
P-256               00000007                 1.2.840.10045.3.1.7      ANSIX9P256V1, SECP256R1
K-283               00000008                 1.3.132.0.16             SECT283K1
B-283               00000009                 1.3.132.0.17             SECT283R1
P-384               0000000A                 1.3.132.0.34             SECP384R1
K-409               0000000B                 1.3.132.0.36             SECT409K1
B-409               0000000C                 1.3.132.0.37             SECT409R1
P-521               0000000D                 1.3.132.0.35             SECP521R1
K-571               0000000E                 1.3.132.0.38             SECT571K1
B-571               0000000F                 1.3.132.0.39             SECT571R1
SECP112R1           00000010                 1.3.132.0.6
SECP112R2           00000011                 1.3.132.0.7
SECP128R1           00000012                 1.3.132.0.28
SECP128R2           00000013                 1.3.132.0.29
SECP160K1           00000014                 1.3.132.0.9
SECP160R1           00000015                 1.3.132.0.8
SECP160R2           00000016                 1.3.132.0.30
SECP192K1           00000017                 1.3.132.0.31
SECP192R1           00000001                 1.2.840.10045.3.1.1      P-192, ANSIX9P192V1
SECP224K1           00000018                 1.3.132.0.32
SECP224R1           00000004                 1.3.132.0.33             P-224
SECP256K1           00000019                 1.3.132.0.10
SECP256R1           00000007                 1.2.840.10045.3.1.7      P-256, ANSIX9P256V1
SECP384R1           0000000A                 1.3.132.0.34             P-384
SECP521R1           0000000D                 1.3.132.0.35             P-521
SECT113R1           0000001A                 1.3.132.0.4
SECT113R2           0000001B                 1.3.132.0.5
SECT131R1           0000001C                 1.3.132.0.22
SECT131R2           0000001D                 1.3.132.0.23
SECT163K1           00000002                 1.3.132.0.1              K-163
SECT163R1           0000001E                 1.3.132.0.2
SECT163R2           00000003                 1.3.132.0.15             B-163
SECT193R1           0000001F                 1.3.132.0.24
SECT193R2           00000020                 1.3.132.0.25
SECT233K1           00000005                 1.3.132.0.26             K-233
SECT233R1           00000006                 1.3.132.0.27             B-233
SECT239K1           00000021                 1.3.132.0.3
SECT283K1           00000008                 1.3.132.0.16             K-283
SECT283R1           00000009                 1.3.132.0.17             B-283
SECT409K1           0000000B                 1.3.132.0.36             K-409
SECT409R1           0000000C                 1.3.132.0.37             B-409
SECT571K1           0000000E                 1.3.132.0.38             K-571
SECT571R1           0000000F                 1.3.132.0.39             B-571
ANSIX9P192V1        00000001                 1.2.840.10045.3.1.1      P-192, SECP192R1
ANSIX9P192V2        00000022                 1.2.840.10045.3.1.2
ANSIX9P192V3        00000023                 1.2.840.10045.3.1.3
ANSIX9P239V1        00000024                 1.2.840.10045.3.1.4
ANSIX9P239V2        00000025                 1.2.840.10045.3.1.5
ANSIX9P239V3        00000026                 1.2.840.10045.3.1.6
ANSIX9P256V1        00000007                 1.2.840.10045.3.1.7      P-256, SECP256R1
ANSIX9C2PNB163V1    00000027                 1.2.840.10045.3.0.1
ANSIX9C2PNB163V2    00000028                 1.2.840.10045.3.0.2
ANSIX9C2PNB163V3    00000029                 1.2.840.10045.3.0.3
ANSIX9C2PNB176V1    0000002A                 1.2.840.10045.3.0.4
ANSIX9C2TNB191V1    0000002B                 1.2.840.10045.3.0.5
ANSIX9C2TNB191V2    0000002C                 1.2.840.10045.3.0.6
ANSIX9C2TNB191V3    0000002D                 1.2.840.10045.3.0.7
ANSIX9C2PNB208W1    0000002E                 1.2.840.10045.3.0.10
ANSIX9C2TNB239V1    0000002F                 1.2.840.10045.3.0.11
ANSIX9C2TNB239V2    00000030                 1.2.840.10045.3.0.12
ANSIX9C2TNB239V3    00000031                 1.2.840.10045.3.0.13
ANSIX9C2PNB272W1    00000032                 1.2.840.10045.3.0.16
ANSIX9C2PNB304W1    00000033                 1.2.840.10045.3.0.17
ANSIX9C2TNB359V1    00000034                 1.2.840.10045.3.0.18
ANSIX9C2PNB368W1    00000035                 1.2.840.10045.3.0.19
ANSIX9C2TNB431R1    00000036                 1.2.840.10045.3.0.20
BRAINPOOLP160R1     00000037                 1.3.36.3.3.2.8.1.1.1
BRAINPOOLP160T1     00000038                 1.3.36.3.3.2.8.1.1.2
BRAINPOOLP192R1     00000039                 1.3.36.3.3.2.8.1.1.3
BRAINPOOLP192T1     0000003A                 1.3.36.3.3.2.8.1.1.4
BRAINPOOLP224R1     0000003B                 1.3.36.3.3.2.8.1.1.5
BRAINPOOLP224T1     0000003C                 1.3.36.3.3.2.8.1.1.6
BRAINPOOLP256R1     0000003D                 1.3.36.3.3.2.8.1.1.7
BRAINPOOLP256T1     0000003E                 1.3.36.3.3.2.8.1.1.8
BRAINPOOLP320R1     0000003F                 1.3.36.3.3.2.8.1.1.9
BRAINPOOLP320T1     00000040                 1.3.36.3.3.2.8.1.1.10
BRAINPOOLP384R1     00000041                 1.3.36.3.3.2.8.1.1.11
BRAINPOOLP384T1     00000042                 1.3.36.3.3.2.8.1.1.12
BRAINPOOLP512R1     00000043                 1.3.36.3.3.2.8.1.1.13
BRAINPOOLP512T1     00000044                 1.3.36.3.3.2.8.1.1.14

Table 3: ECC Algorithm Mapping

4 Applying KMIP Functionality

This section describes how to apply the functionality described in the Key Management Interoperability Protocol Specification to address specific key management usage scenarios or to solve key management related issues.

1.58 Locate Queries

It is possible to formulate Locate queries to address any of the following conditions:

- Exact match of a transition to a given state. Locate the key(s) with a transition to a certain state at a specified time (t).
- Range match of a transition to a given state. Locate the key(s) with a transition to a certain state at any time between two specified times (t and t').
- Exact match of a state at a specified time. Locate the key(s) that are in a certain state at a specified time (t).
- Match of a state during an entire time range. Locate the key(s) that are in a certain state during an entire time range with specified times (t and t'). Note that the Activation Date could occur at or before t and that the Deactivation Date could occur at or after t'+1.
- Match of a state at some point during a time range. Locate the key(s) that are in a certain state at some time between two specified times (t and t'). In this case, the transition to that state could be before the start of the specified time range.

This is accomplished by allowing any date/time attribute to be present once (for an exact match) or at most twice (for a range match).

For instance, if the state we are interested in is Active, the Locate queries would be the following (corresponding to the bulleted list above):

- Exact match of a transition to a given state: Locate (ActivationDate(t)). Locate keys with an Activation Date of t.
- Range match of a transition to a given state: Locate (ActivationDate(t), ActivationDate(t')). Locate keys with an Activation Date at or between t and t'.
- Exact match of a state at a specified time: Locate (ActivationDate(0), ActivationDate(t), DeactivationDate(t+1), DeactivationDate(MAX_INT), CompromiseDate(t+1), CompromiseDate(MAX_INT)). Locate keys in the Active state at time t, by looking for keys with a transition to Active at or before t and a transition to Deactivated or Compromised after t (because we don't want keys that have a transition to Deactivated or Compromised before t). The server assumes that keys without a DeactivationDate or CompromiseDate have a value equivalent to MAX_INT (i.e., infinite).
- Match of a state during an entire time range: Locate (ActivationDate(0), ActivationDate(t), DeactivationDate(t'+1), DeactivationDate(MAX_INT), CompromiseDate(t'+1), CompromiseDate(MAX_INT)). Locate keys in the Active state during the entire time from t to t'.
- Match of a state at some point during a time range: Locate (ActivationDate(0), ActivationDate(t'-1), DeactivationDate(t+1), DeactivationDate(MAX_INT), CompromiseDate(t+1), CompromiseDate(MAX_INT)). Locate keys in the Active state at some time from t to t', by looking for keys with a transition to Active between 0 and t'-1 and an exit out of Active on or after t+1.

The queries would be similar for Initial Date, Deactivation Date, Compromise Date and Destroy Date.

In the case of the Destroyed-Compromised state, there are two dates recorded: the Destroy Date and the Compromise Date. For this state, the Locate operation would be expressed as follows:

- Exact match of a transition to a given state: Locate (CompromiseDate(t), State(Destroyed-Compromised)) and Locate (DestroyDate(t), State(Destroyed-Compromised)). KMIP does not support OR in the Locate request, so two requests should be issued. Locate keys that were Destroyed and transitioned to the Destroyed-Compromised state at time t, and locate keys that were Compromised and transitioned to the Destroyed-Compromised state at time t.
- Range match of a transition to a given state: Locate (CompromiseDate(t), CompromiseDate(t'), State(Destroyed-Compromised)) and Locate (DestroyDate(t), DestroyDate(t'), State(Destroyed-Compromised)). Locate keys that are Destroyed-Compromised and were Compromised or Destroyed between or at t and t'.
- Exact match of a state at a specified time: Locate (CompromiseDate(0), CompromiseDate(t), DestroyDate(0), DestroyDate(t)); nothing else is needed, since there is no exit transition. Locate keys with a Compromise Date at or before t, and with a Destroy Date at or before t. These are, therefore, keys in the Destroyed-Compromised state at time t.
- Match of a state during an entire time range: Locate (CompromiseDate(0), CompromiseDate(t), DestroyDate(0), DestroyDate(t)). Same as above. As there is no exit transition from the Destroyed-Compromised state, the end of the range (t') is irrelevant.
- Match of a state at some point during a time range: Locate (CompromiseDate(0), CompromiseDate(t'-1), DestroyDate(0), DestroyDate(t'-1)). Locate keys with a Compromise Date at or before t'-1, and with a Destroy Date at or before t'-1. As there is no exit transition from the Destroyed-Compromised state, the start of the range (t) is irrelevant.
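The queries above, evaluated over a small constructed set of managed objects, as an added example that is not part of the Usage Guide. It implements the attribute-matching rule the section relies on (one occurrence of a date attribute is an exact match, two occurrences are a range, a missing Deactivation or Compromise Date counts as MAX_INT) and wraps each of the Active and Destroyed-Compromised queries, including the two-request workaround for the missing OR. The objects, the integer timestamps and the state strings are constructed for the example.

```python
"""Added example, not from the KMIP Usage Guide: evaluating the Locate
queries of the Locate Queries section over constructed managed objects.
Each date attribute appears once (exact match) or twice (range). A missing
Deactivation or Compromise Date is treated as MAX_INT, as the guide says the
server assumes. Dates are plain integers for readability."""

MAX_INT = 2 ** 31 - 1
OPEN_ENDED = ("DeactivationDate", "CompromiseDate")   # missing => has not happened yet

# Constructed sample objects (not real KMIP data)
OBJECTS = [
    {"id": "k1", "State": "Deactivated", "ActivationDate": 100, "DeactivationDate": 200},
    {"id": "k2", "State": "Active", "ActivationDate": 150},
    {"id": "k3", "State": "Destroyed Compromised", "ActivationDate": 50,
     "CompromiseDate": 120, "DestroyDate": 130},
    {"id": "k4", "State": "Pre-Active"},
]


def locate(objects, state=None, **dates):
    """dates: attribute=t for an exact match, attribute=(lo, hi) for a range."""
    found = []
    for obj in objects:
        if state is not None and obj.get("State") != state:
            continue
        ok = True
        for attr, bound in dates.items():
            lo, hi = bound if isinstance(bound, tuple) else (bound, bound)
            value = obj.get(attr)
            if value is None and attr in OPEN_ENDED:
                value = MAX_INT
            if value is None or not lo <= value <= hi:
                ok = False
                break
        if ok:
            found.append(obj["id"])
    return found


def transition_to_active_at(objs, t):
    return locate(objs, ActivationDate=t)


def transition_to_active_between(objs, t, t2):
    return locate(objs, ActivationDate=(t, t2))


def active_at(objs, t):
    return locate(objs, ActivationDate=(0, t),
                  DeactivationDate=(t + 1, MAX_INT), CompromiseDate=(t + 1, MAX_INT))


def active_during(objs, t, t2):
    return locate(objs, ActivationDate=(0, t),
                  DeactivationDate=(t2 + 1, MAX_INT), CompromiseDate=(t2 + 1, MAX_INT))


def active_sometime_between(objs, t, t2):
    return locate(objs, ActivationDate=(0, t2 - 1),
                  DeactivationDate=(t + 1, MAX_INT), CompromiseDate=(t + 1, MAX_INT))


def destroyed_compromised_transition_at(objs, t):
    """Locate has no OR, so the client issues two requests and merges them."""
    state = "Destroyed Compromised"
    hits = locate(objs, state=state, CompromiseDate=t) + locate(objs, state=state, DestroyDate=t)
    return sorted(set(hits))


def destroyed_compromised_at(objs, t):
    """No exit transition from this state, so only the upper bounds matter."""
    return locate(objs, CompromiseDate=(0, t), DestroyDate=(0, t))
```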

1.59 Using Wrapped Keys with KMIP

KMIP provides the option to register and get keys in wrapped format. Clients request the server to return a wrapped key by including the Key Wrapping Specification in the Get Request Payload. Similarly, clients register a wrapped key by including the Key Wrapping Data in the Register Request Payload. The Wrapping Method identifies the type of mechanism used to wrap the key, but does not identify the cipher or block mode algorithm. It is possible to determine these from the attributes set for the specified Encryption Key or MAC/Signing Key. If a key has multiple Cryptographic Parameters set, clients may include the applicable parameters in the Key Wrapping Specification. If omitted, the server chooses the Cryptographic Parameters attribute with the lowest index.

The Key Value includes both the Key Material and, optionally, attributes of the key; these may be provided by the client in the Register Request Payload; the server includes attributes only when requested in the Key Wrapping Specification of the Get Request Payload.

It is important to note that if the Key Wrapping Specification is included in the Get Request Payload, the Key Value may not necessarily be encrypted. If the Wrapping Method is MAC/sign, the Key Value is returned in plaintext, and the Key Wrapping Data includes the MAC or Signature of the Key Value. The Key Value may be encrypted, signed/MACed, or both encrypted and signed/MACed (and vice versa). In addition, clients have the option to request or import a Key Block wrapped according to standards, such as TR-31, or vendor-specific key wrapping methods.

Prior to wrapping or unwrapping the key, a server should verify that the wrapping key is allowed to be used for the specified purpose. For example, if the Unique ID of a symmetric key is specified in the Key Wrapping Specification inside the Get request, the symmetric key should have the "Wrap Key" bit set in its Cryptographic Usage Mask. Similarly, if the client registers a signed key, the server should verify that the Signature Key, as specified by the client inside the Key Wrapping Data, has the "Verify" bit set in the Cryptographic Usage Mask. If the wrapping key is not permitted to be used for the requested purpose (e.g., when the Cryptographic Usage Mask bit is not set), the server should return the Operation Failed result status.

1.59.1 Encrypt-only Example with a Symmetric Key as an Encryption Key for a Get Request and Response

The client sends a Get request to obtain a key that is stored on the server. When the client requests the key and sends a Get request to the server, a Key Wrapping Specification may be included. If a Key Wrapping Specification is included in the Get request, and a client wants the key to be wrapped with AES key wrap, the client includes the following information in the Key Wrapping Specification:

- Wrapping Method: Encrypt
- Encryption Key Information
  - Unique Key ID: Key ID of the wrapping AES key
  - Cryptographic Parameters: The Block Cipher Mode is NISTKeyWrap (not necessary if the default block cipher mode for the wrapping key is NISTKeyWrap)
- Attribute Name: Cryptographic Usage Mask

The server uses the Unique Key ID specified by the client to determine the attributes set for the proposed wrapping key. For example, the algorithm of the wrapping key is not explicitly specified inside the Key Wrapping Specification. The server determines the algorithm to be used for wrapping by identifying the Algorithm attribute set for the specified Encryption Key. The Cryptographic Parameters attribute should be specified by the client if multiple instances of the Cryptographic Parameters exist and the lowest index does not correspond to the NIST key wrap mode of operation. The server should verify that the AES wrapping key has NISTKeyWrap set as an allowable Block Cipher Mode, and that the "Wrap Key" bit is set in the Cryptographic Usage Mask.

If the correct data was provided to the server, and no conflicts exist, the server AES key wraps the Key Value (both the Key Material and the Cryptographic Usage Mask attribute) for the requested key with the wrapping key specified in the Encryption Key Information. The wrapped key (byte string) is returned in the server's response inside the Key Value of the Key Block. The Key Wrapping Data of the Key Block in the Get Response Payload includes the same data as specified in the Key Wrapping Specification of the Get Request Payload except for the Attribute Name.

If the correct data was provided to the server, and no conflicts exist, the server AES key wraps the requested key with the wrapping key specified in the Encryption Key Information. The wrapped Key Value (both the Key Material and the Cryptographic Usage Mask attribute) for the requested key (byte string) is returned in the server's response inside the Key Value of the Key Block. The Key Wrapping Data of the Key Block in the Get Response Payload includes the same data as specified in the Key Wrapping Specification of the Get Request Payload except for the Attribute Name.

1.59.2 Encrypt-only Example with a Symmetric Key as an Encryption Key for a Register Request and Response

The client sends a Register request to the server and includes the wrapped key and the Unique ID of the wrapping key inside the Request Payload. The wrapped key is provided to the server inside the Key Block. The Key Block includes the Key Value Type, the Key Value, and the Key Wrapping Data. The Key Value Type identifies the format of the Key Material, the Key Value consists of the Key Material and optional attributes that may be included to cryptographically bind the attributes to the Key Material, and the Key Wrapping Data identifies the wrapping mechanism and the encryption key used to wrap the object. Similar to the example in 4.2.1, the key is wrapped using AES wrap. The Key Value includes four attributes: Cryptographic Algorithm, Cryptographic Length, Cryptographic Parameters, and Cryptographic Usage Mask. The Key Wrapping Data includes the following information:

Wrapping Method: Encrypt
Encryption Key Information
    Unique Key ID: The Unique Key ID of the wrapping AES key
    Cryptographic Parameters: The Block Cipher Mode (not necessary if the default block cipher mode for the wrapping key is NISTKeyWrap)

Attributes do not need to be specified in the Key Wrapping Data. When registering a wrapped Key Value with attributes, clients may include these attributes inside the Key Value without specifying them inside the Template-Attribute.

Prior to unwrapping the key, the server determines the wrapping algorithm from the attribute set for the Unique ID specified in the Encryption Key Information. The server verifies that the wrapping key may be used for the specified purpose. In particular, if the client includes the Cryptographic Parameters in the Encryption Key Information, the server verifies that the specified Block Cipher Mode is set for the wrapping key. The server also verifies that the wrapping key has the "Unwrap Key" bit set in the Cryptographic Usage Mask.

The Register Response Payload includes the Unique ID of the newly registered key and an optional list of attributes that were implicitly set by the server.

1.59.3 Encrypt-only Example with an Asymmetric Key as an Encryption Key for a Get Request and Response

The client sends a Get request to obtain a key (either symmetric or asymmetric) that is stored on the server. When the client sends a Get request to the server, a Key Wrapping Specification may be included. If a Key Wrapping Specification is included, and the key is to be wrapped with an RSA public key using the OAEP encryption scheme, the client includes the following information in the Key Wrapping Specification. Note that for this example, attributes for the requested key are not requested.

Wrapping Method: Encrypt
Encryption Key Information
    Unique Key ID: The Unique Key ID of the public RSA key
    Cryptographic Parameters:
        Padding Method: OAEP
        Hashing Algorithm: SHA-256

The Cryptographic Parameters attribute is specified by the client if multiple instances of Cryptographic Parameters exist for the wrapping key, and the lowest index does not correspond to the associated padding method. The server should verify that the specified Cryptographic Parameters in the Key Wrapping Specification and the "Wrap Key" bit in the Cryptographic Usage Mask are set for the corresponding wrapping key. The Key Wrapping Data returned by the server in the Key Block of the Get Response Payload includes the same data as specified in the Key Wrapping Specification of the Get Request Payload.

For OAEP and PSS, KMIP assumes that the Hashing Algorithm specified in the Cryptographic Parameters of the Get request is used both for the Mask Generation Function (MGF) and for hashing data. The example above requires the server to use SHA-256 for both purposes.

1.59.4 MAC-only Example with an HMAC Key as an Authentication Key for a Get Request and Response

The client sends a Get request to obtain a key that is stored on the server. When the client sends a Get request to the server, a Key Wrapping Specification may be included. If a key and a Custom Attribute (i.e., x-Nonce) are to be MACed with HMAC SHA-256, the following Key Wrapping Specification is specified:

Wrapping Method: MAC/sign
MAC/Signature Key Information
    Unique Key ID: The Unique Key ID of the MACing key (note that the algorithm associated with this key would be HMAC-SHA256)
Attribute Name: x-Nonce

For HMAC, no Cryptographic Parameters need to be specified, since the algorithm, including the hash function, may be determined from the Cryptographic Algorithm attribute set for the specified MAC Key.

The server should verify that the HMAC key has the "MAC Generate" bit set in the Cryptographic Usage Mask. Note that an HMAC key does not require the "Wrap Key" bit to be set in the Cryptographic Usage Mask. The server creates an HMAC value over the Key Value if the specified MACing key may be used for the purpose specified and no conflicts exist. The Key Value is returned in plaintext, and the Key Block includes the following Key Wrapping Data:

Wrapping Method: MAC/sign
MAC/Signature Key Information
    Unique Key ID: The Unique Key ID of the MACing key
MAC/Signature: HMAC result of the Key Value

In the example, the custom attribute x-Nonce was included to help clients, who are relying on the proxy model, to detect replay attacks. End-clients, who communicate with the key management server, may not support TLS and may not be able to rely on the message protection mechanisms provided by a security protocol. An alternative approach for these clients would be to use the custom attribute to hold a nonce, counter, random number, date, or time. The custom attribute needs to be created before requesting the server to return a wrapped key and is recommended to be set by clients if clients frequently wrap/sign the same key with the same wrapping/signing key.

1.59.5 Registering a Wrapped Key as an Opaque Cryptographic Object

Clients may want to register and store a wrapped key on the server without the server being able to unwrap the key (i.e., the wrapping key is not known to the server). Instead of storing the wrapped key as an opaque object, clients have the option to store the wrapped key inside the Key Block as an opaque cryptographic object, i.e., the wrapped key is registered as a managed cryptographic object, but the encoding of the key is unknown to the server. Registering a wrapped key as an opaque cryptographic object allows clients to set all the applicable attributes that apply to cryptographic objects (e.g., Cryptographic Algorithm and Cryptographic Length). Opaque cryptographic objects are set by specifying the following inside the Key Block structure:

Key Format Type: Opaque
Key Material: Wrapped key as a ByteString

The Key Wrapping Data does not need to be specified.

1.59.6 Encoding Option for Wrapped Keys

KMIP provides the option to specify the Encoding Option inside the Key Wrapping Specification and Key Wrapping Data. This option allows users to Get or Register the Key Value in a non-TTLV encoded format. This may be desirable in a proxy environment, where the end-client is not KMIP-aware. The Encoding Option is only available if no attributes are specified inside the Key Value. The server returns the Encoding Option Error if both the Encoding Option and Attribute Names are specified inside the Key Wrapping Specification. Similarly, the server is expected to return the Encoding Option Error when registering a wrapped object with attributes inside the Key Value and the Encoding Option is set in the Key Wrapping Data.
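The server-side checks that sections 1.59 through 1.59.4 describe (selecting the Cryptographic Parameters instance, requiring NISTKeyWrap or OAEP parameters, and testing the Cryptographic Usage Mask bit for the Wrapping Method and operation), collected into one authorization routine. This is an added example, not code from the Usage Guide or any KMIP implementation; the key records and their Unique IDs are constructed samples, and the Sign (Get) and MAC Verify (Register) bits are assumed as the complements of the bits the guide names.

```python
from dataclasses import dataclass, field

# Cryptographic Usage Mask bit values (KMIP 1.x enumeration).
SIGN, VERIFY, ENCRYPT, DECRYPT = 0x01, 0x02, 0x04, 0x08
WRAP_KEY, UNWRAP_KEY, EXPORT, MAC_GENERATE, MAC_VERIFY = 0x10, 0x20, 0x40, 0x80, 0x100

OPERATION_FAILED = "Operation Failed"


@dataclass
class ManagedKey:
    """Server-side view of a candidate wrapping/MACing key (constructed sample, not a KMIP encoding)."""
    unique_id: str
    algorithm: str               # Cryptographic Algorithm attribute, e.g. "AES", "RSA", "HMAC-SHA256"
    usage_mask: int              # Cryptographic Usage Mask attribute
    crypto_params: list = field(default_factory=list)   # Cryptographic Parameters instances, in index order


def effective_parameters(key, requested):
    """Parameters the server will use: the client's explicit instance if the key actually has it,
    otherwise the lowest-index instance (an empty dict when none is set); None means 'not set'."""
    if requested is None:
        return key.crypto_params[0] if key.crypto_params else {}
    return requested if requested in key.crypto_params else None


def required_usage_bit(key, wrapping_method, operation):
    """Usage Mask bit the wrapping key needs.  Get: the server wraps/MACs/signs; Register: it
    unwraps/verifies.  SIGN on Get and MAC_VERIFY on Register are assumed complements (not in the guide)."""
    if wrapping_method == "Encrypt":
        return WRAP_KEY if operation == "Get" else UNWRAP_KEY
    if wrapping_method == "MAC/sign":
        if key.algorithm.startswith("HMAC"):
            return MAC_GENERATE if operation == "Get" else MAC_VERIFY
        return SIGN if operation == "Get" else VERIFY
    raise ValueError(f"unsupported Wrapping Method {wrapping_method!r}")


def authorize_wrapping_key(key, wrapping_method, operation, requested_params=None):
    """Decide whether `key` may serve as the wrapping/MACing key.  Returns (allowed, reason)."""
    params = effective_parameters(key, requested_params)
    if params is None:
        return False, f"{OPERATION_FAILED}: requested Cryptographic Parameters are not set on {key.unique_id}"

    if wrapping_method == "Encrypt" and key.algorithm == "AES":
        # AES key wrap: the selected instance must name NISTKeyWrap; if the lowest index does not,
        # the client has to point at the right instance explicitly.
        if params.get("Block Cipher Mode") != "NISTKeyWrap":
            return False, (f"{OPERATION_FAILED}: selected Cryptographic Parameters of {key.unique_id} "
                           f"are {params or 'absent'}, not NISTKeyWrap")
    elif wrapping_method == "Encrypt" and key.algorithm == "RSA":
        # Asymmetric wrap as in the OAEP example; the Hashing Algorithm also drives the MGF.
        if params.get("Padding Method") != "OAEP" or "Hashing Algorithm" not in params:
            return False, f"{OPERATION_FAILED}: {key.unique_id} has no OAEP parameters with a Hashing Algorithm"
    # HMAC keys need no Cryptographic Parameters: the hash comes from the Cryptographic Algorithm attribute.

    needed = required_usage_bit(key, wrapping_method, operation)
    if not key.usage_mask & needed:
        return False, f"{OPERATION_FAILED}: Cryptographic Usage Mask of {key.unique_id} lacks bit 0x{needed:X}"
    return True, "ok"


# Constructed sample keys; Unique IDs are placeholders.
AES_WRAP_KEY = ManagedKey("aes-kek-1", "AES", WRAP_KEY | UNWRAP_KEY,
                          [{"Block Cipher Mode": "CBC"}, {"Block Cipher Mode": "NISTKeyWrap"}])
AES_DATA_KEY = ManagedKey("aes-data-1", "AES", ENCRYPT | DECRYPT, [{"Block Cipher Mode": "NISTKeyWrap"}])
RSA_PUBLIC_KEY = ManagedKey("rsa-pub-1", "RSA", WRAP_KEY | ENCRYPT,
                            [{"Padding Method": "OAEP", "Hashing Algorithm": "SHA-256"}])
HMAC_KEY = ManagedKey("hmac-1", "HMAC-SHA256", MAC_GENERATE | MAC_VERIFY)

if __name__ == "__main__":
    print(authorize_wrapping_key(AES_WRAP_KEY, "Encrypt", "Get"))                   # lowest index is CBC: denied
    print(authorize_wrapping_key(AES_WRAP_KEY, "Encrypt", "Get", {"Block Cipher Mode": "NISTKeyWrap"}))
    print(authorize_wrapping_key(AES_DATA_KEY, "Encrypt", "Get"))                   # no Wrap Key bit: denied
    print(authorize_wrapping_key(HMAC_KEY, "MAC/sign", "Get"))                      # MAC Generate suffices
```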

If no Encoding Option is specified, KMIP assumes that the Key Value is TTLV-encoded. Thus, by default, the complete TTLV-encoded Key Value content, as shown in the example below, is wrapped:

Tag (Key Material): 420043 || Type (ByteString): 08 || Length: 00000010 || Key Material Value: 0123456789ABCDEF0123456789ABCDEF

Some end-clients may not understand or have the space for anything more than the actual key material (i.e., 0123456789ABCDEF0123456789ABCDEF in the above example). To wrap only the Key Material value during a Get operation, the Encoding Option (0x00000001 for no encoding) should be specified inside the Key Wrapping Specification. The same Encoding Option should be specified inside the Key Wrapping Data when returning the non-TTLV encoded wrapped object inside the Get Response Payload or when registering a wrapped object in non-TTLV encoded format.

It is important to be aware of the risks involved when excluding attributes from the Key Value. Binding the attributes to the key material in certain environments is essential to the security of the end-client. An untrusted proxy could change the attributes (provided separately via the Get Attributes operation) that determine how the key is being used (e.g., Cryptographic Usage). Including attributes inside the Key Value and cryptographically binding it to the Key Material could prevent potential misuse of the cryptographic object and may prevent a replay attack if, for example, a nonce is included as a custom attribute. The exclusion of attributes and therefore the usage of the Encoding Option are only recommended in at least one of the following scenarios:

1. End-clients are registered with the KMIP server and are communicating with the server directly (i.e., the TLS connection is between the server and client).
2. The environment is controlled and non-KMIP-aware end-clients are aware how wrapped cryptographic objects (possibly Raw keys) from the KMIP server should be used without having to rely on the attributes provided by the Get Attributes operation.
3. The wrapped cryptographic object consists of attributes inside the Key Material value. These attributes are not interpreted by the KMIP server, but are understood by the end-client. This may be the case if the Key Format Type is opaque or vendor-specific.
4. The proxy communicating with the KMIP server on behalf of the end-client is considered to be trusted and is operating in a secure environment.

Registering a wrapped object without attributes is not recommended in a proxy environment, unless scenario 4 is met.

1.60 Interoperable Key Naming for Tape

This section describes methods and provides examples for creating and storing key identifiers that are interoperable across multi-vendor KMIP clients, using the KMIP Tape Library Profile Version 1.0.
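The Encoding Option choice described in 1.59.6 and the MAC/sign wrap with an x-Nonce custom attribute from 1.59.4, as one added Python example that is not part of the Usage Guide: it TTLV-encodes the Key Value content shown above, selects what the MAC covers under each Encoding Option, and shows that the nonce only helps while it is bound into the MACed bytes. The tag and type constants are KMIP's own; the key material is the guide's sample value, while the HMAC key and nonce strings are constructed placeholders.

```python
import hmac
import struct

# KMIP tag values (KMIP 1.x tag table) and item types used in this example.
TAG_ATTRIBUTE, TAG_ATTRIBUTE_NAME, TAG_ATTRIBUTE_VALUE = 0x420008, 0x42000A, 0x42000B
TAG_KEY_MATERIAL = 0x420043
TYPE_STRUCTURE, TYPE_TEXT_STRING, TYPE_BYTE_STRING = 0x01, 0x07, 0x08

# Encoding Option enumeration values.
NO_ENCODING, TTLV_ENCODING = 0x00000001, 0x00000002


class EncodingOptionError(ValueError):
    """The condition under which a server returns the Encoding Option Error."""


def ttlv(tag, item_type, value):
    """One TTLV item: 3-byte tag, 1-byte type, 4-byte length of the unpadded value, value padded to 8 bytes."""
    header = struct.pack(">I", tag)[1:] + bytes([item_type]) + struct.pack(">I", len(value))
    return header + value + b"\x00" * (-len(value) % 8)


def custom_attribute(name, value):
    """An Attribute structure (Attribute Name + Attribute Value, both TextString) for a custom x- attribute."""
    if not name.startswith("x-"):
        raise ValueError("client-defined custom attributes are named x-...")
    body = (ttlv(TAG_ATTRIBUTE_NAME, TYPE_TEXT_STRING, name.encode("ascii"))
            + ttlv(TAG_ATTRIBUTE_VALUE, TYPE_TEXT_STRING, value.encode("utf-8")))
    return ttlv(TAG_ATTRIBUTE, TYPE_STRUCTURE, body)


def key_value_content(material, attributes=()):
    """TTLV-encoded Key Value content: the Key Material item followed by any Attribute items.
    With no attributes this is exactly the 420043 || 08 || 00000010 || material layout the guide shows."""
    return ttlv(TAG_KEY_MATERIAL, TYPE_BYTE_STRING, material) + b"".join(attributes)


def bytes_to_protect(material, attributes=(), encoding_option=TTLV_ENCODING):
    """What the wrap or MAC operation covers, according to the Encoding Option."""
    if encoding_option == NO_ENCODING:
        if attributes:
            # Attributes in the Key Value and No Encoding are mutually exclusive.
            raise EncodingOptionError("Encoding Option Error: attributes present in the Key Value")
        return material                       # raw key material only: nothing is bound to it
    if encoding_option == TTLV_ENCODING:
        return key_value_content(material, attributes)
    raise ValueError("unknown Encoding Option")


def mac_key_value(mac_key, material, attributes=(), encoding_option=TTLV_ENCODING):
    """HMAC-SHA256 MAC/sign wrapping: the value carried in the MAC/Signature field of the Key Wrapping Data."""
    return hmac.new(mac_key, bytes_to_protect(material, attributes, encoding_option), "sha256").digest()


# Constructed sample values: the guide's 16-byte key material and a placeholder HMAC key.
MATERIAL = bytes.fromhex("0123456789ABCDEF0123456789ABCDEF")
HMAC_KEY = b"placeholder-hmac-sha256-key-32-B"


def demo():
    """Run the scenarios and return the observations as a dict."""
    nonce_a = custom_attribute("x-Nonce", "2014-06-19T00:00:00Z#0001")   # placeholder nonce values
    nonce_b = custom_attribute("x-Nonce", "2014-06-19T00:00:00Z#0002")
    bound = mac_key_value(HMAC_KEY, MATERIAL, (nonce_a,))
    replayed = mac_key_value(HMAC_KEY, MATERIAL, (nonce_b,))
    try:
        bytes_to_protect(MATERIAL, (nonce_a,), NO_ENCODING)
        rejected = False
    except EncodingOptionError:
        rejected = True
    return {
        "ttlv_hex": key_value_content(MATERIAL).hex().upper(),
        "raw_hex": bytes_to_protect(MATERIAL, (), NO_ENCODING).hex().upper(),
        "nonce_changes_mac": bound != replayed,           # a changed/replayed nonce no longer verifies
        "no_encoding_rejects_attributes": rejected,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```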

1.60.1 Native Tape Encryption by a KMIP Client

A common method for naming and retrieving keys is needed to support moving tape cartridges between 2 or more KMIP-compliant tape libraries that are all registered with the same KMIP key manager.

1.60.1.1 Overview

The method uses the KMIP Tape Library Profile. This Profile specifies use of the KMIP Application Specific Information (ASI) attribute. The method supports both client-generated and server-generated key identifiers.

The KMIP key identifier is composed of a string of hexadecimal numeric characters. This string of characters is unique within a chosen namespace. Methods of generating the string are determined by policy. The LIBRARY-LTO namespace is preferred for maximum interoperability.

A compressed (numeric) transformation of the identifier string is stored in the tape format's Key Associated Data. This allows for future retrieval of the key for decryption.

Interoperability is achieved by a) standardized algorithms to map the byte values between numeric (KAD) and text (ASI) representations of the identifier; b) standardized ordering of the bytes within the KAD so the identifier can be re-assembled in the correct sequence by other compliant implementations. Examples of the algorithms are provided below.

1.60.1.2 Definitions

Key Associated Data (KAD): Part of the tape format. May be segmented into authenticated and unauthenticated fields. KAD usage is detailed in the SCSI SSC-3 standard from the T10 organization.

Application Specific Information (ASI): A KMIP attribute.

Hexadecimal numeric characters: Case-sensitive, printable, single byte ASCII characters (US-ASCII 30h-39h and 41h-46h) representing the numbers 0 through 9 and uppercase alpha A through F. Hexadecimal numeric characters are always paired, each pair representing a single 8-bit numeric value. A leading zero character is provided, if necessary, so that every byte in the tape's KAD is exactly represented by 2 hexadecimal numeric characters.

N(k): The number of bytes in the tape format's combined KAD fields (both authenticated and unauthenticated).

N(a), N(u): The number of bytes in the tape format's authenticated, and unauthenticated KAD fields, respectively.

1.60.1.3 Implementation Example of Algorithm 1. Key identifier string to numeric direction (Converting the ASI string to the tape format's KAD)

Refer to the KMIP Tape profile for algorithm 1.

This algorithm is associated with writing the KAD, typically to allow future retrieval of a key. An example implementation is as follows.

1. Define the standard POSIX (also known as C) locale. Each character in the string is a single-byte US-ASCII character.
2. The client creates a key identifier or obtains one from the server. The identifier is a string of KMIP hexadecimal numeric characters. Copy the string to an input buffer of size 2*N(k) bytes. For LTO4, an 88 character string is sufficient to represent any key name stored directly in the KAD fields. For LTO5, a 184 character string is sufficient to represent any key name stored directly in the KAD fields.
3. Define output buffers for unauthenticated KAD, and authenticated KAD, of size N(u) and N(a) respectively. For LTO4, this would be 32 bytes of unauthenticated data, and 12 bytes of authenticated data. For LTO5, this would be 32 bytes of unauthenticated data and 60 bytes of authenticated data.
4. First, populate the authenticated KAD buffer, converting a sub-string consisting of the last (rightmost) 2*N(a) characters of the key identifier string.
5. When the authenticated KAD is filled, next populate the unauthenticated KAD buffer, by converting the remaining hexadecimal character pairs (if any) of the identifier string.

1.60.1.4 Implementation Example of Algorithm 2. Numeric to key identifier string direction (Converting the tape format's KAD to the ASI string)

This algorithm is associated with reading the KAD, typically in preparation for retrieving a key. An example implementation is as follows.

1. Define the standard POSIX (also known as C) locale. Each character in the string is a single-byte US-ASCII character.
2. Define an input buffer sized for N(k). For LTO4, N(k) is 44 bytes (12 bytes authenticated, 32 unauthenticated). For LTO5, N(k) is 92 bytes (60 bytes authenticated, 32 bytes unauthenticated).
3. Define an output buffer sufficient to contain a string with a maximum length of 2*N(k) bytes.
4. First, copy bytes from the unauthenticated KAD data (if any) to the input buffer. Next, bytes from the authenticated KAD are concatenated, after the unauthenticated bytes. In many implementations the unauthenticated KAD is empty, and in those cases the entire input buffer will be populated with bytes from the authenticated KAD.
5. For each byte in the input buffer, convert to US-ASCII as follows:
6. Convert the byte's value to exactly 2 hexadecimal numeric characters, including a leading 0 where necessary. Append these 2 numeric characters to the output buffer, with the high-nibble represented by the left-most hexadecimal numeric character.
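Algorithms 1 and 2 above, implemented as an added Python example (not the Tape Profile's or the Usage Guide's own code), including the length and character checks the definitions call for, and exercised with the 40-character string from the usage example in 1.60.1.5. The N(a) and N(u) values for LTO4 and LTO5 are those the guide states.

```python
import string

HEX_DIGITS = frozenset(string.digits + "ABCDEF")   # US-ASCII 30h-39h and 41h-46h only

# Tape formats named in the guide: (N(a) authenticated bytes, N(u) unauthenticated bytes).
LTO4 = (12, 32)
LTO5 = (60, 32)


def max_identifier_length(n_a, n_u):
    """Longest key identifier (2*N(k) characters) that the KAD fields can hold directly."""
    return 2 * (n_a + n_u)


def identifier_from_text(text):
    """Usage-example step: derive the KMIP key identifier (hexadecimal numeric character pairs) from text."""
    return text.encode("ascii").hex().upper()


def check_identifier(identifier, n_a, n_u):
    """Reject identifiers that are not uppercase hex pairs or that exceed the tape format's N(k)."""
    if len(identifier) % 2 or not set(identifier) <= HEX_DIGITS:
        raise ValueError("identifier must be pairs of uppercase hexadecimal numeric characters")
    if len(identifier) > max_identifier_length(n_a, n_u):
        raise ValueError(f"identifier needs {len(identifier) // 2} KAD bytes but N(k) is {n_a + n_u}")


def asi_to_kad(identifier, n_a, n_u):
    """Algorithm 1: key identifier string -> (authenticated KAD, unauthenticated KAD) byte strings.
    The rightmost 2*N(a) characters fill the authenticated KAD first; whatever remains goes to the
    unauthenticated KAD, so a short identifier leaves the unauthenticated KAD empty."""
    check_identifier(identifier, n_a, n_u)
    split = max(len(identifier) - 2 * n_a, 0)
    return bytes.fromhex(identifier[split:]), bytes.fromhex(identifier[:split])


def kad_to_asi(akad, ukad):
    """Algorithm 2: KAD bytes -> key identifier string.  Unauthenticated bytes (if any) come first,
    authenticated bytes after them; every byte becomes exactly two uppercase characters, high nibble first."""
    return (ukad + akad).hex().upper()


# The usage example's text (constructed there by the guide; every 8th character is highlighted in the original).
EXAMPLE_TEXT = "SN123456_MFR:XYZ INC_BAR 12345_T20131234"


def example_round_trip(tape_format):
    """Derive the identifier, write it into KAD for the given format, and read it back."""
    identifier = identifier_from_text(EXAMPLE_TEXT)
    akad, ukad = asi_to_kad(identifier, *tape_format)
    return identifier, akad, ukad, kad_to_asi(akad, ukad)


if __name__ == "__main__":
    for name, fmt in (("LTO4", LTO4), ("LTO5", LTO5)):
        identifier, akad, ukad, back = example_round_trip(fmt)
        print(f"{name}: AKAD {len(akad)}/{fmt[0]} bytes, UKAD {len(ukad)}/{fmt[1]} bytes, round trip ok={back == identifier}")
```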

1.60.1.5 Usage Example

The following usage example will create a key identifier which can be stored in ASI. The identifier will then be translated for storage into a tape format's KAD, using algorithm 1. Both LTO4 and LTO5 examples of KAD contents are provided. The reverse translation from KAD bytes to the KMIP key identifier is not shown, but would be accomplished via algorithm 2. This re-constructed key identifier string would be used to Locate the key via ASI.

Example of creating a key identifier. The content of this is based on server or client policy. An example of a text string which could be used to generate a KMIP key identifier for tape is as follows.

This example is a set of 40 characters which will be used to create a KMIP key identifier for use as specified in the KMIP Tape Profile. Every 8th character is bold. Implementation-specific material is used to generate the key identifier.

SN123456_MFR:XYZ INC_BAR 12345_T20131234

This set of characters is suitable as a key identifier for either LTO4 or LTO5, since it will fit within the smaller 44 character KAD space of LTO4.

The corresponding KMIP key identifier, which is a string of hexadecimal numeric character pairs, is shown below. This string will be stored in ASI Application Data. Note the identifier has exactly 2x more characters than the material used to generate the KMIP key identifier. Every 8th hexadecimal numeric pair is bold. Spaces are shown to improve readability, but are NOT part of the ASI string.

53 4E 31 32 33 34 35 36 5F 4D 46 52 3A 58 59 5A 20 49 4E 43 5F 42 41 52 20 31 32 33 34 35 5F 54 32 30 31 33 31 32 33 34

Translating key identifier to KAD bytes (LTO4). The corresponding KAD content, for use with an LTO4 tape cartridge, is shown in the following figure.

Each square is 1 byte (8 bits). The contents of each square is the 8 bit value which represents a pair of hexadecimal numeric characters in the KMIP key identifier string. Every 8th byte of KAD is shaded.

The KAD was populated by converting the rightmost 24 characters (12 pairs) of the identifier string into the authenticated bytes of KAD. The remaining characters of the identifier were written to unauthenticated KAD.

[Figure 2: KAD Content for LTO4. AKAD (12 bytes): 34 35 5F 54 32 30 31 33 31 32 33 34. UKAD (28 of 32 bytes utilized): 53 4E 31 32 33 34 35 36 5F 4D 46 52 3A 58 59 5A 20 49 4E 43 5F 42 41 52 20 31 32 33.]

Translating key identifier to KAD bytes (LTO5). The corresponding KAD content, for use with an LTO5 and later tape cartridge, is shown in the following figure.

Each square is 1 byte (8 bits). The contents of each square is the 8 bit value which represents a pair of hexadecimal numeric characters in the KMIP key identifier string. Every 8th byte of KAD is shaded.

The KAD was populated by converting the rightmost 80 characters (40 pairs) of the identifier string into the authenticated bytes of KAD. The unauthenticated KAD is not used because all of the data fits within authenticated KAD.

[Figure 3: KAD Content for LTO5. AKAD (40 of 60 bytes utilized): 53 4E 31 32 33 34 35 36 5F 4D 46 52 3A 58 59 5A 20 49 4E 43 5F 42 41 52 20 31 32 33 34 35 5F 54 32 30 31 33 31 32 33 34. UKAD: 0 of 32 bytes utilized.]

1.61 Query Extension Information

The Extension Information structure added to KMIP 1.1 and the Query Extension List and Query Extension Map functions of the Query Operation provide a mechanism for a KMIP client to be able to determine which extensions a KMIP server supports.

A client may request a list of the Extensions supported by a KMIP 1.1 server by specifying the Query Extension List value in the Query Function field. This provides the names of the supported extensions.

Example output:

Extension Information
    Extension Name: ACME LOCATION
Extension Information
    Extension Name: ACME ZIP CODE

A client may request the details of the Extensions supported by a KMIP 1.1 server by specifying the Query Extension Map value in the Query Function field. This provides the names of the supported extensions.

Example output:

Extension Information
    Extension Name: ACME LOCATION
    Extension Tag: 0x54AA01
    Extension Type: TextString
Extension Information
    Extension Name: ACME ZIP CODE
    Extension Tag: 0x54AA02
    Extension Type: Integer

1.62 Registering Extension Information

As tag values and their interpretation for the most part should be known for a client and server to meaningfully use an extension, the following registration procedure should be used.

1. Document the Extensions including:
   - Extension Name, Extension Tag, Extension Type values to be reserved
   - A brief description of the purpose of the Extension
   - Example use case messages (requests and responses)
2. Send the Document to the KMIP TC requesting review
3. Request a KMIP TC ballot on accepting the reservation of the Extension

It is anticipated that a template document may be produced for this registration process.

1.63 Using KMIP for PGP Keys

PGP, both as standard and as vendor product, provides a rich environment for key management that addresses significant use cases related to such areas as secure exchange of email, documents and other resources. Although KMIP is by no means required for support of PGP environments, it can provide a valuable mechanism for movement of PGP keys between a particular PGP environment, such as Symantec Encryption Management Server (SEMS, née PGP Universal), and another key management environment.

KMIP does not attempt to represent the full range of functionality in PGP environments. However, the use cases related to movement of PGP keys across environments, described in the KMIP Use Cases document, can be supported by taking advantage both of the PGP-specific capabilities in KMIP, such as the PGP Key object introduced in KMIP V1.2, and of KMIP messages, objects, operations and attributes in general.

In order to support these PGP use cases, KMIP V1.2 introduces new capabilities:

- PGP Key managed object
- Alternative Name attribute
- Enhancements to Link attribute

The managed PGP Key object contains a PGP key (specified in [RFC4880]) as an opaque blob. KMIP compliant servers do not need to understand the fine structure of PGP keys. The intention here is that PGP-enabled clients be able to discover the managed PGP Key object by searching for one of the various names contained within the block. The Alternative Name attribute can be used to specify one or more names (e.g. User IDs) that are attached to the PGP Key object. The PGP-enabled clients are expected to digest the PGP Key object properly and assign these Alternative Name attributes to the managed cryptographic object. The KMIP server does not have to do this work.

Internally, PGP keys may contain many public-private key pairs, each tied to a specific type of encryption operations (one key for signing, one for encryption, and one to tie the other two together in a trust relationship is one typical arrangement.) The Link attribute supports new values that enable the description of this set of PGP Key relationships. The new values are parent, child, previous and next. For example, the private and public keys associated with a PGP Key can be pointed to from the PGP Key with the "child" link attribute. Additional Decryption Keys (ADK) can be pointed to from the PGP Key with the "child" link attribute and can point to each other with the "previous" and "next" link attributes. In this way, the link attributes can be used to define the structural relationships required to establish the web of trust for a PGP Key.

As KMIP does not attempt to represent all the information about PGP keys mentioned above, such policies as algorithms supported by a PGP key are not expressed within KMIP. Instead, KMIP enables the specification of these attributes, if necessary, as information enclosed within the opaque value defined for a given PGP key. This information would be handled by security and administration coordination between the PGP environments that participate in the KMIP exchanges related to PGP keys.

KMIP compliant servers are not expected to be able to create PGP Key objects from scratch. PGP-enabled clients will do the key creation and pass the resulting information up to KMIP.

1.64 KMIP Client Registration Models

There are several common approaches to registering KMIP clients with KMIP servers:

- Manual client registration within a single trust boundary
- Automatic client registration across multiple trust boundaries
- Registering sub-clients based on a trusted primary client

The goal of these approaches is to establish the KMIP-interoperable secure channel or channels between KMIP clients and servers, such as a mutually-authenticated TLS channel. In order to support the goal of establishing an interoperable approach to establishing this channel, this section provides more detailed information about these approaches to client registration.

Reflecting common usage for KMIP, all three of the scenarios described below discuss the use of X.509 certificates for trust establishment; other mechanisms, such as quantum key distribution, may be used instead but are not described here. Similarly, all three scenarios describe the establishment of a mutually-authenticated TLS connection as the trusted basis for exchange of KMIP messages, corresponding to the published KMIP authentication suite profiles; other authentication mechanisms can be used with KMIP, but are not described here.

1.64.1 Manual Client Registration

In this approach, there is no assumption of pre-population of authentication credentials in the client, such as by installing an X.509 certificate into a tape drive or library during the manufacturing process. Rather, a credential is propagated out-of-band to the client by the client administrator, who installs it into the client environment. The credential is then used on initial and subsequent contact between the client and server systems.

The most common registration model that takes this approach entails the server administrator creating a package that contains 1) an X.509 certificate that the client will use to identify itself to the server when creating a mutually-authenticated TLS session; 2) information about the X.509 certificate that will be presented by the server to the client during negotiation of the mutual authentication, enabling the client to verify the server identity; and 3) possibly additional information that can be included in the credential of the KMIP messages sent across the established channel, such as to provide for finer granularity for particular drives within a tape library. As indicated, the use of this package of materials takes place during two phases: first during the establishment of the secure TLS channel; second during the transmission of KMIP messages. The server administrator must have configured the server to recognize the X.509 certificate presented by the client, to present the correct X.509 certificate of its own to the client in return and to recognize the additional information provided in the credential object in the KMIP message, if any.

In this model, KMIP is not used to transmit the X.509 certificate and server information used in establishing the secure channel. There is nothing to prevent KMIP being used to send this information; but commonly this is done using mechanisms other than KMIP, nor is there any expectation that KMIP is a required or default mechanism for propagating the credential and the information. The distribution mechanism, therefore, may well vary across vendors. The use of additional information as the credential in the KMIP message is also neither required nor a default. Inclusion of such a credential in the package distributed to the client administrator and in one or more KMIP messages is also, therefore, likely to vary across vendors.

[Type the document title] 2006 2005 2004 2003 2002 2001 2000 1999 1998 1997 1996 1995 1994 1993 1992 1991 1990 1989 1988 1987 1986 1985 2022 2021 2020 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007 310 309 313 312 311 return of return of server’s the packet registration of is immediate and automatic; alternatively, the whether the clientinitial certificate should accepted.be The scenario above assumes that the this In common variantmodel, one is to require administrator intervention determine to usedbe forestablishing the secure TLS with channel the server. registration packet in section use to it establish to initial an TLS session. The thenserver sends equivalentthe of auto-registration, client the device the sends X.509 certificate the to server, forexample in order aas received ID, Service the from administrator. server Oncethe client administrator initiates beThere will typically be configuration activity for the deviceclient based information, on such administrator server in section exchangesubsequent the of kindof information between exchanged client administrator and manufacturing process. This thencertificate used is as bootstrapa mechanism for the of version this approach, an X.509 certificate is ininstalled a deviceclient duringthe trust between the and isclient server accomplished by other some mechanism. In common one in theprovided package provided the by server Instead,administrator. the establishment of this In approach the credential used establish to mutually-authenticated a TLS connection is not 1.64.2 and orin one moreKMIP ismessages also, likely therefore, to acrossvary vendors. nor default. a such Inclusion of a credential in the package to distributed the administratorclient ofThe use additional asinformation the credential in the messageis also KMIP required neither information. 
The distribution mechanism, therefore, may vary well vendors.across expectation thatis a KMIP required or defaultmechanism forpropagating credential the and the kmip-ug-v1.2-cnprd02 tenant identifier with along the X.509 certificate so that the canserver decidewhether to accept a follow suchregistration model as that described in section for clients them use to they register to attempt The individualindividually. sub-clients would toinformation the client, sucha as “tenantidentifier”, which it have will to provide to sub- in approaches section establishment of trustbetween the and client server accomplishedcan be using of either the third common modelA forregistering sub-clients of trusteda this client. In model, the 1.64.3 asclient legitimate a participant message in KMIP exchange. onlyintended not register to the cryptographic but object, alsoto theinitiate registration of the ausing register operation, the KMIP server be tomust able that distinguish this isoperation server.the However, thisis not required and is currently typical. Ifnot it is sent the to server discussed inAs section only server, but after that beenaction approved has anby administrator. section return of packetthe information of may be manually done theby administrator, server as in Non-Standards TrackNon-Standards Registering Trusted on Based a Sub-Clients PrimaryClient AutomatedRegistration Client 1.64.1 above; or the return of packetthe of information server may done thebe by 1.64.1 1.64.1 The patent provisions of the Policy The OASIS of IPR do patent provisions not the apply or , KMIP , can be by used the in sendingclient the X.509 certificates to 1.64.1 This Non-Standards is a Work Product. Track 1.64.1 1.64.2 above theandto client the client returns the certificate to . . However, the. may server alsosend additional Copyright © Copyright OASIS Open Reserved.Rights© All 2014. 1.64.2 , but, would the alsoprovide . Page Page 19 June 192014 63 of 83

[Type the document title] 2030 2029 2028 2027 2026 2025 2024 2023 315 314 318 317 316 But againBut this is currently no common practice. can be KMIP used for sendingthe both client certificate and tenantthe to identifier server.the and trust relationships established based on those identities. based theirassociation on with a entity,larger trusted but that also need identities individual approachThis is common clients fortiered such as virtualmachines that groupedneed be to primary client. client,the based such on criteriaas the of TCP/IP address the sub-clientrelative that to of the kmip-ug-v1.2-cnprd02 Non-Standards TrackNon-Standards The patent provisions of the Policy The OASIS of IPR do patent provisions not the apply This Non-Standards is a Work Product. Track Copyright © Copyright OASIS Open Reserved.Rights© All 2014. . Page Page 19 June 192014 64 of 83

5 Deprecated KMIP Functionality

This section describes KMIP functionality that has been deprecated.

1.65 KMIP Deprecation Rule

Use of deprecated functionality is discouraged since such functionality may be dropped in a future release of the KMIP Specification. Items in the normative KMIP Specification [KMIP-Spec] document can be marked deprecated in any document version, but will be removed only in a major version. Similarly, conformance clauses or other normative information in the KMIP Profiles [KMIP-Prof] document can be deprecated in any document version, but removed only in a major version. Information in the non-normative KMIP Usage Guide [this document] and KMIP Test Cases [KMIP-TC] documents may be removed in any document version.

1.66 Certificate Attribute Related Fields

The KMIP v1.0 [KMIP-Spec] certificate-related attributes and fields were populated with values found within X.509 public key or PGP certificates. In KMIP v1.0 these fields were encoded as Text String, but the values of these fields are obtained from ASN.1 (X.509) or octet (PGP) encoded certificates. In KMIP v1.1 the data type associated with these fields was changed from Text String to Byte String so that the values of these fields can be parsed from the certificates and preserved, and no conversion from the encoded values into a text string is necessary.

Since these certificate-related attributes and associated fields were included as part of the v1.0 KMIP specification and there may be implementations supporting these attributes using the Text String encoding, a decision was made to deprecate these attributes in KMIP v1.1 and replace them with newly named attributes and fields. As part of this change, separate certificate-related attributes for X.509 certificates were introduced. Table 4 provides a list of the deprecated certificate-related attributes and fields along with their corresponding tag value.

Table 4: Deprecated Certificate Related Attributes and Fields

| Deprecated Attribute/Field | Deprecated Tag Value |
|---|---|
| Certificate Identifier | 420014 |
| Certificate Issuer | 420015 |
| Certificate Issuer Alternative Name | 420016 |
| Certificate Issuer Distinguished Name | 420017 |
| Certificate Subject | 42001A |
| Certificate Subject Alternative Name | 42001B |
| Certificate Subject Distinguished Name | 42001C |
| Issuer | 42003B |
| Serial Number | 420087 |
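As an added example (not code from the Usage Guide or any KMIP implementation), the following minimal TTLV codec scans a message for the deprecated v1.0 certificate tags of Table 4 and reports the v1.1 replacement names of Table 5, so a server operator can spot clients still sending Text String certificate fields. The Attribute, Attribute Name and Attribute Value tags and the item type codes are taken from the KMIP Specification; the issuer and serial number values are constructed for the example.

```python
"""Flag deprecated KMIP v1.0 certificate attributes in TTLV-encoded data.

Added example, not part of the KMIP Usage Guide. Tags 0x420014..0x420087 are
the deprecated tags of Table 4; replacement names follow Table 5. The sample
Issuer and Serial Number values below are constructed for this example.
"""
import struct

TYPE_STRUCTURE = 0x01      # TTLV item types from the KMIP Specification
TYPE_TEXT_STRING = 0x07
TYPE_BYTE_STRING = 0x08

TAG_ATTRIBUTE = 0x420008   # tags from the KMIP Specification tag table
TAG_ATTRIBUTE_NAME = 0x42000A
TAG_ATTRIBUTE_VALUE = 0x42000B

# Deprecated v1.0 tag -> (deprecated name, v1.1 replacement name)
DEPRECATED_TAGS = {
    0x420014: ("Certificate Identifier", "X.509 Certificate Identifier"),
    0x420015: ("Certificate Issuer", "X.509 Certificate Issuer"),
    0x420016: ("Certificate Issuer Alternative Name", "Issuer Alternative Name"),
    0x420017: ("Certificate Issuer Distinguished Name", "Issuer Distinguished Name"),
    0x42001A: ("Certificate Subject", "X.509 Certificate Subject"),
    0x42001B: ("Certificate Subject Alternative Name", "Subject Alternative Name"),
    0x42001C: ("Certificate Subject Distinguished Name", "Subject Distinguished Name"),
    0x42003B: ("Issuer", "Issuer Distinguished Name"),
    0x420087: ("Serial Number", "Certificate Serial Number"),
}
# Same mapping keyed by name, for checking Attribute Name text strings.
DEPRECATED_NAMES = {old: new for old, new in DEPRECATED_TAGS.values()}


def encode_ttlv(tag, item_type, value):
    """Encode one TTLV item: 3-byte tag, 1-byte type, 4-byte big-endian
    length, then the value padded with zero bytes to a multiple of 8."""
    if item_type == TYPE_STRUCTURE:
        payload = b"".join(value)          # children are already encoded
    elif item_type == TYPE_TEXT_STRING:
        payload = value.encode("utf-8")
    elif item_type == TYPE_BYTE_STRING:
        payload = bytes(value)
    else:
        raise ValueError("item type not handled by this example")
    header = tag.to_bytes(3, "big") + bytes([item_type]) + struct.pack(">I", len(payload))
    return header + payload + b"\x00" * (-len(payload) % 8)


def decode_ttlv(buf):
    """Decode a run of TTLV items into (tag, type, value) tuples, recursing
    into Structures; Byte Strings are returned unchanged. Raises if truncated."""
    items, pos = [], 0
    while pos < len(buf):
        if pos + 8 > len(buf):
            raise ValueError("truncated TTLV header")
        tag = int.from_bytes(buf[pos:pos + 3], "big")
        item_type = buf[pos + 3]
        length = struct.unpack(">I", buf[pos + 4:pos + 8])[0]
        start, end = pos + 8, pos + 8 + length
        if end > len(buf):
            raise ValueError("truncated TTLV value")
        raw = buf[start:end]
        if item_type == TYPE_STRUCTURE:
            value = decode_ttlv(raw)
        elif item_type == TYPE_TEXT_STRING:
            value = raw.decode("utf-8")
        else:
            value = bytes(raw)
        items.append((tag, item_type, value))
        pos = end + (-length % 8)          # skip the padding
    return items


def find_deprecated(items):
    """Report every deprecated v1.0 certificate attribute or field, whether
    it appears by tag or is named in an Attribute Name."""
    findings = []
    for tag, item_type, value in items:
        if tag in DEPRECATED_TAGS:
            old, new = DEPRECATED_TAGS[tag]
            findings.append({"tag": f"{tag:06X}", "deprecated": old, "replacement": new,
                             "text_string": item_type == TYPE_TEXT_STRING})
        elif tag == TAG_ATTRIBUTE_NAME and value in DEPRECATED_NAMES:
            findings.append({"tag": f"{tag:06X}", "deprecated": value,
                             "replacement": DEPRECATED_NAMES[value], "text_string": None})
        if item_type == TYPE_STRUCTURE:
            findings.extend(find_deprecated(value))
    return findings


def build_v10_sample():
    """Constructed sample: a v1.0-style Certificate Identifier attribute whose
    Issuer and Serial Number fields are carried as Text Strings."""
    fields = [
        encode_ttlv(0x42003B, TYPE_TEXT_STRING, "CN=Example CA"),   # Issuer
        encode_ttlv(0x420087, TYPE_TEXT_STRING, "1234"),            # Serial Number
    ]
    return encode_ttlv(TAG_ATTRIBUTE, TYPE_STRUCTURE, [
        encode_ttlv(TAG_ATTRIBUTE_NAME, TYPE_TEXT_STRING, "Certificate Identifier"),
        encode_ttlv(TAG_ATTRIBUTE_VALUE, TYPE_STRUCTURE, fields),
    ])


if __name__ == "__main__":
    for hit in find_deprecated(decode_ttlv(build_v10_sample())):
        print(hit)
```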

Table 5 provides a mapping of v1.0 to v1.1 certificate attributes and fields.

Table 5: Mapping of V1.0 to V1.1 Certificate Related Attributes and Fields

| Deprecated V1.0 Attribute | New V1.1 Attribute |
|---|---|
| Certificate Identifier | X.509 Certificate Identifier |
| Certificate Subject | X.509 Certificate Subject |
| Certificate Issuer | X.509 Certificate Issuer |

| Deprecated V1.0 Field | New V1.1 Field |
|---|---|
| Issuer | Issuer Distinguished Name |
| Serial Number | Certificate Serial Number |
| Certificate Subject Distinguished Name | Subject Distinguished Name |
| Certificate Subject Alternative Name | Subject Alternative Name |
| Certificate Issuer Distinguished Name | Issuer Distinguished Name |
| Certificate Issuer Alternative Name | Issuer Alternative Name |

1.67 PGP Certificate and PGP Certificate Request Types

KMIP 1.0 and 1.1 included support for PGP via a PGP Certificate Type and associated PGP Certificate Request Type. However the certificate concept, which is typically associated with credentials specified as in X.509 public key certificates, is not well suited for describing PGP keys and associated credentials as specified in [RFC4880]. For example, PGP may associate multiple asymmetric key pairs and associated public key certificates to the same subject, while an X.509 certificate associates a single public key to a subject. As a result of these differences it was difficult to apply the X.509 public key certificate structure and attributes to PGP credentials in a meaningful way.

KMIP 1.2 introduces changes and additions to KMIP that allow PGP usage scenarios as specified in [RFC4880] to be better supported within KMIP. (See Section 1.63 for more information.) These changes include the deprecation of the PGP Certificate Type and PGP Certificate Request Type concepts and the introduction of a new PGP Key cryptographic managed object.

Table 6 lists the PGP Certificate Type enumeration which has been deprecated as of KMIP 1.2.

Table 6: Deprecated PGP Certificate Type

| Certificate Type Name | Value |
|---|---|
| PGP | 00000002 (deprecated) |

Table 7 lists the PGP Certificate Request Type enumeration which has been deprecated as of KMIP 1.2.

Table 7: Deprecated PGP Certificate Request Type

| Certificate Request Type Name | Value |
|---|---|
| PGP | 00000004 (deprecated) |

6 Implementation Conformance

This document is intended to be informational only and as such has no conformance clauses. The conformance requirements for the KMIP Specification can be found in the "KMIP Specification" document itself, at the URL noted in the "Normative References" section of this document.

Appendix A. Acknowledgements

The following individuals have participated in the creation of this specification and are gratefully acknowledged:

Participants in KMIP Usage Guide V1.2:

Hal Aldridge, Sypris Electronics
Mike Allen, Symantec
Gordon Arnold, IBM
Todd Arnold, IBM
Richard Austin, Hewlett-Packard
Lars Bagnert, PrimeKey
Elaine Barker, NIST
Peter Bartok, Venafi, Inc.
Tom Benjamin, IBM
Anthony Berglas, Cryptsoft
Mathias Björkqvist, IBM
Kevin Bocket, Venafi
Anne Bolgert, IBM
Alan Brown, Thales e-Security
Tim Bruce, CA Technologies
Chris Burchett, Credant Technologies, Inc.
Kelley Burgin, National Security Agency
Robert Burns, Thales e-Security
Chuck Castleton, Venafi
Kenli Chong, QuintessenceLabs
John Clark, Hewlett-Packard
Tom Clifford, Symantec Corp.
Tony Cox, Cryptsoft
Russell Dietz, SafeNet, Inc.
Graydon Dodson, Lexmark International Inc.
Vinod Duggirala, EMC Corporation
Chris Dunn, SafeNet, Inc.
Michael Duren, Sypris Electronics
James Dzierzanowski, American Express CCoE
Faisal Faruqui, Thales e-Security
Stan Feather, Hewlett-Packard
David Finkelstein, Symantec Corp.
Indra Fitzgerald, Hewlett-Packard
James Fitzgerald, SafeNet, Inc.
Judith Furlong, EMC Corporation
Susan Gleeson, Oracle
Robert Griffin, EMC Corporation
Paul Grojean, Individual
Robert Haas, IBM
Thomas Hardjono, M.I.T.
ChengDong He, Huawei Technologies Co., Ltd.
Steve He, Vormetric
Kurt Heberlein, Hewlett-Packard
Larry Hofer, Emulex Corporation
Maryann Hondo, IBM
Walt Hubis, NetApp
Tim Hudson, Cryptsoft
Jonas Iggbom, Venafi, Inc.
Sitaram Inguva, American Express CCoE
Jay Jacobs, Target Corporation
Glen Jaquette, IBM
Mahadev Karadiguddi, NetApp
Greg Kazmierczak, Wave Systems Corp.
Marc Kenig, SafeNet, Inc.
Mark Knight, Thales e-Security
Kathy Kriese, Symantec Corporation
Mark Lambiase, SecureAuth
John Leiseboer, QuintessenceLabs
Hal Lockhart, Oracle Corporation
Robert Lockhart, Thales e-Security
Anne Luk, Cryptsoft
Sairam Manidi, Freescale
Luther Martin, Voltage Security
Neil McEvoy, iFOSSF
Marina Milshtein, Individual
Dale Moberg, Axway Software
Jishnu Mukeri, Hewlett-Packard
Bryan Olson, Hewlett-Packard
John Peck, IBM
Rob Philpott, EMC Corporation
Denis Pochuev, SafeNet, Inc.
Reid Poole, Venafi, Inc.
Ajai Puri, SafeNet, Inc.
Saravanan Ramalingam, Thales e-Security
Peter Reed, SafeNet, Inc.
Bruce Rich, IBM
Christina Richards, American Express CCoE
Warren Robbins, Dell
Peter Robinson, EMC
Scott Rotondo, Oracle
Saikat Saha, Oracle
Anil Saldhana, Red Hat
Subhash Sankuratripati, NetApp
Boris Schumperli, Cryptomathic
Greg Singh, QuintessenceLabs
David Smith, Venafi, Inc.
Brian Spector, Certivox
Terence Spies, Voltage Security
Deborah Steckroth, RouteOne LLC
Michael Stevens, QuintessenceLabs
Marcus Streets, Thales e-Security
Satish Sundar, IBM
Kiran Thota, VMware
Somanchi Trinath, Freescale Semiconductor, Inc.
Nathan Turajski, Thales e-Security
Paul Turner, Venafi, Inc.
Sean Turner, IECA, Inc.
Rod Wideman, Quantum Corporation
Steven Wierenga, Hewlett-Packard
Jin Wong, QuintessenceLabs
Sameer Yami, Thales e-Security
Peter Yee, EMC Corporation
Krishna Yellepeddy, IBM
Catherine Ying, SafeNet, Inc.
Tatu Ylonen, SSH Communications Security Corp (Tectia)
Michael Yoder, Vormetric, Inc.
Magda Zdunkiewicz, Cryptsoft
Peter Zelechoski, Election Systems & Software

Appendix B. Acronyms

The following abbreviations and acronyms are used in this document:

3DES - Triple Data Encryption Standard
ADK - Additional Decryption Key
AES - Advanced Encryption Standard specified in [FIPS 197]
ANSI - American National Standards Institute
ARQC - Authorization Request Cryptogram
ASCII - American Standard Code for Information Interchange
ASI - Application Specific Information
ASN.1 - Abstract Syntax Notation One
CA - Certification Authority
CBC - Cipher Block Chaining specified in [SP800-38A]
CMC - Certificate Management Messages over CMS specified in [RFC5272]
CMP - Certificate Management Protocol specified in [RFC4210]
CRL - Certificate Revocation List specified in [X.509]
CRMF - Certificate Request Message Format specified in [RFC4211]
CVC - Card Verification Code
DEK - Data Encryption Key
DH - Diffie-Hellman specified in [X9.42]
DSA - Digital Signature Algorithm specified in [FIPS 186-4]
DSS - Digital Signature Standard
ECC - Elliptic Curve Cryptography
ECDH - Elliptic Curve Diffie-Hellman
ECDSA - Elliptic Curve Digital Signature Algorithm
FIPS - Federal Information Processing Standard
GCM - Galois/Counter Mode specified in [SP800-38D]
HMAC - Keyed-Hash Message Authentication Code specified in [FIPS 198-1]
HSM - Hardware Security Module
HTTP - Hyper Text Transfer Protocol
HTTPS - Hyper Text Transfer Protocol (Secure socket)
ID - Identification
IP - Internet Protocol
IPSec - Internet Protocol Security
ITU - International Telecommunication Union
KAD - Key Associated Data
KEK - Key Encryption Key
KMIP - Key Management Interoperability Protocol
LTO4 - Linear Tape-Open, Generation 4
LTO5 - Linear Tape-Open, Generation 5
LTO6 - Linear Tape-Open, Generation 6
MAC - Message Authentication Code
MD5 - Message Digest 5 Algorithm specified in [RFC1321]
MDO - Meta-Data Only
MGF - Mask Generation Function
NIST - National Institute of Standards and Technology
OAEP - Optimal Asymmetric Encryption Padding specified in [PKCS#1]
OID - Object Identifier
PEM - Privacy Enhanced Mail specified in [RFC1421]
PGP - OpenPGP specified in [RFC4880]
PKCS - Public-Key Cryptography Standards
POP - Proof of Possession
POSIX - Portable Operating System Interface
PSS - Probabilistic Signature Scheme specified in [PKCS#1]
RNG - Random Number Generator
RSA - Rivest, Shamir, Adelman (an algorithm)
SEMS - Symantec Encryption Management Server
SHA - Secure Hash Algorithm
SMIME - Secure Multipurpose Internet Mail Extensions
SP - Special Publication
TCP - Transport Control Protocol
TDEA - Triple Data Encryption Algorithm
TLS - Transport Layer Security
TTLV - Tag, Type, Length, Value
URI - Uniform Resource Identifier

Appendix C. Table of Figures and Tables

Table of Figures

Figure 1: Client Aggregator Example ... 16
Figure 2: KAD Content for LTO4 ... 58
Figure 3: KAD Content for LTO5 ... 59

Table of Tables

Table 1: Placeholder ID Prior to and Resulting from a KMIP Operation ... 26
Table 2: Cryptographic Usage Masks Pairs ... 34
Table 3: ECC Algorithm Mapping ... 47
Table 4: Deprecated Certificate Related Attributes and Fields ... 66
Table 5: Mapping of v1.0 to v1.1 Certificate Related Attributes and Fields ... 66
Table 6: Deprecated PGP Certificate Type ... 67
Table 7: Deprecated PGP Certificate Request Type ... 67

Appendix D. KMIP Specification Cross Reference

| Term | KMIP 1.0 | KMIP 1.1 | KMIP 1.2 |
|---|---|---|---|
| 1 Introduction | | | |
| Non-Normative References | 1.3 | 1.3 | 1.3 |
| Normative References | 1.2 | 1.2 | 1.2 |
| Terminology | 1.1 | 1.1 | 1.1 |
| 2 Objects | | | |
| Attribute | 2.1.1 | 2.1.1 | 2.1.1 |
| Base Objects | 2.1 | 2.1 | 2.1 |
| Certificate | 2.2.1 | 2.2.1 | 2.2.1 |
| Credential | 2.1.2 | 2.1.2 | 2.1.2 |
| Data | - | - | 2.1.10 |
| Data Length | - | - | 2.1.11 |
| Extension Information | - | 2.1.9 | 2.1.9 |
| Key Block | 2.1.3 | 2.1.3 | 2.1.3 |
| Key Value | 2.1.4 | 2.1.4 | 2.1.4 |
| Key Wrapping Data | 2.1.5 | 2.1.5 | 2.1.5 |
| Key Wrapping Specification | 2.1.6 | 2.1.6 | 2.1.6 |
| MAC Data | - | - | 2.1.13 |
| Managed Objects | 2.2 | 2.2 | 2.2 |
| Nonce | - | - | 2.1.14 |
| Opaque Object | 2.2.8 | 2.2.8 | 2.2.8 |
| PGP Key | - | - | 2.2.9 |
| Private Key | 2.2.4 | 2.2.4 | 2.2.4 |
| Public Key | 2.2.3 | 2.2.3 | 2.2.3 |
| Secret Data | 2.2.7 | 2.2.7 | 2.2.7 |
| Signature Data | - | - | 2.1.12 |
| Split Key | 2.2.5 | 2.2.5 | 2.2.5 |
| Symmetric Key | 2.2.2 | 2.2.2 | 2.2.2 |
| Template | 2.2.6 | 2.2.6 | 2.2.6 |
| Template-Attribute Structures | 2.1.8 | 2.1.8 | 2.1.8 |
| Transparent DH Private Key | 2.1.7.6 | 2.1.7.6 | 2.1.7.6 |
| Transparent DH Public Key | 2.1.7.7 | 2.1.7.7 | 2.1.7.7 |
| Transparent DSA Private Key | 2.1.7.2 | 2.1.7.2 | 2.1.7.2 |
| Transparent DSA Public Key | 2.1.7.3 | 2.1.7.3 | 2.1.7.3 |
| Transparent ECDH Private Key | 2.1.7.10 | 2.1.7.10 | 2.1.7.10 |
| Transparent ECDH Public Key | 2.1.7.11 | 2.1.7.11 | 2.1.7.11 |
| Transparent ECDSA Private Key | 2.1.7.8 | 2.1.7.8 | 2.1.7.8 |
| Transparent ECDSA Public Key | 2.1.7.9 | 2.1.7.9 | 2.1.7.9 |
| Transparent ECMQV Private Key | 2.1.7.12 | 2.1.7.12 | 2.1.7.12 |
| Transparent ECMQV Public Key | 2.1.7.13 | 2.1.7.13 | 2.1.7.13 |
| Transparent Key Structures | 2.1.7 | 2.1.7 | 2.1.7 |
| Transparent RSA Private Key | 2.1.7.4 | 2.1.7.4 | 2.1.7.4 |
| Transparent RSA Public Key | 2.1.7.5 | 2.1.7.5 | 2.1.7.5 |
| Transparent Symmetric Key | 2.1.7.1 | 2.1.7.1 | 2.1.7.1 |
| 3 Attributes | | | |
| Activation Date | 3.19 | 3.24 | 3.24 |
| Alternative Name | - | - | 3.40 |
| Application Specific Information | 3.30 | 3.36 | 3.36 |
| Archive Date | 3.27 | 3.32 | 3.32 |
| Attributes | 3 | 3 | 3 |
| Certificate Identifier | 3.9 | 3.13 | 3.13 |
| Certificate Issuer | 3.11 | 3.15 | 3.15 |
| Certificate Length | - | 3.9 | 3.9 |
| Certificate Subject | 3.10 | 3.14 | 3.14 |
| Certificate Type | 3.8 | 3.8 | 3.8 |
| Compromise Date | 3.25 | 3.30 | 3.30 |
| Compromise Occurrence Date | 3.24 | 3.29 | 3.29 |
| Contact Information | 3.31 | 3.37 | 3.37 |
| Cryptographic Algorithm | 3.4 | 3.4 | 3.4 |
| Cryptographic Domain Parameters | 3.7 | 3.7 | 3.7 |
| Cryptographic Length | 3.5 | 3.5 | 3.5 |
| Cryptographic Parameters | 3.6 | 3.6 | 3.6 |
| Custom Attribute | 3.33 | 3.39 | 3.39 |
| Deactivation Date | 3.22 | 3.27 | 3.27 |
| Default Operation Policy | 3.13.2 | 3.18.2 | 3.18.2 |
| Default Operation Policy for Certificates and Public Key Objects | 3.13.2.2 | 3.18.2.2 | 3.18.2.2 |
| Default Operation Policy for Secret Objects | 3.13.2.1 | 3.18.2.1 | 3.18.2.1 |
| Default Operation Policy for Template Objects | 3.13.2.3 | 3.18.2.3 | 3.18.2.3 |
| Destroy Date | 3.23 | 3.28 | 3.28 |
| Digest | 3.12 | 3.17 | 3.17 |
| Digital Signature Algorithm | - | 3.16 | 3.16 |
| Fresh | - | 3.34 | 3.34 |
| Initial Date | 3.18 | 3.23 | 3.23 |
| Key Value Location | - | - | 3.42 |
| Key Value Present | - | - | 3.41 |
| Last Change Date | 3.32 | 3.38 | 3.38 |
| Lease Time | 3.15 | 3.20 | 3.20 |
| Link | 3.29 | 3.35 | 3.35 |
| Name | 3.2 | 3.2 | 3.2 |
| Object Group | 3.28 | 3.33 | 3.33 |
| Object Type | 3.3 | 3.3 | 3.3 |
| Operation Policy Name | 3.13 | 3.18 | 3.18 |
| Operations outside of operation policy control | 3.13.1 | 3.18.1 | 3.18.1 |
| Original Creation Date | - | - | 3.43 |
| Process Start Date | 3.20 | 3.25 | 3.25 |
| Protect Stop Date | 3.21 | 3.26 | 3.26 |
| Revocation Reason | 3.26 | 3.31 | 3.31 |
| State | 3.17 | 3.22 | 3.22 |
| Unique Identifier | 3.1 | 3.1 | 3.1 |
| Usage Limits | 3.16 | 3.21 | 3.21 |
| X.509 Certificate Identifier | - | 3.10 | 3.10 |
| X.509 Certificate Issuer | - | 3.12 | 3.12 |
| X.509 Certificate Subject | - | 3.11 | 3.11 |
| 4 Client-to-Server Operations | | | |
| Activate | 4.18 | 4.19 | 4.19 |
| Add Attribute | 4.13 | 4.14 | 4.14 |
| Archive | 4.21 | 4.22 | 4.22 |
| Cancel | 4.25 | 4.27 | 4.27 |
| Certify | 4.6 | 4.7 | 4.7 |
| Check | 4.9 | 4.10 | 4.10 |
| Create | 4.1 | 4.1 | 4.1 |
| Create Key Pair | 4.2 | 4.2 | 4.2 |
| Create Split Key | - | - | 4.38 |
| Decrypt | - | - | 4.30 |
| Delete Attribute | 4.15 | 4.16 | 4.16 |
| Derive Key | 4.5 | 4.6 | 4.6 |
| Destroy | 4.20 | 4.21 | 4.21 |
| Discover Versions | - | 4.26 | 4.26 |
| Encrypt | - | - | 4.29 |
| Get | 4.10 | 4.11 | 4.11 |
| Get Attribute List | 4.12 | 4.13 | 4.13 |
| Get Attributes | 4.11 | 4.12 | 4.12 |
| Get Usage Allocation | 4.17 | 4.18 | 4.18 |
| Hash | - | - | 4.37 |
| Join Split Key | - | - | 4.39 |
| Locate | 4.8 | 4.9 | 4.9 |
| MAC | - | - | 4.33 |
| MAC Verify | - | - | 4.34 |
| Modify Attribute | 4.14 | 4.15 | 4.15 |
| Obtain Lease | 4.16 | 4.17 | 4.17 |
| Poll | 4.26 | 4.28 | 4.28 |
| Query | 4.24 | 4.25 | 4.25 |
| Re-certify | 4.7 | 4.8 | 4.8 |
| Recover | 4.22 | 4.23 | 4.23 |
| Register | 4.3 | 4.3 | 4.3 |
| Re-key | 4.4 | 4.4 | 4.4 |
| Re-key Key Pair | - | 4.5 | 4.5 |
| Revoke | 4.19 | 4.20 | 4.20 |
| RNG Retrieve | - | - | 4.35 |
| RNG Seed | - | - | 4.36 |
| Sign | - | - | 4.31 |
| Signature Verify | - | - | 4.32 |
| Validate | 4.23 | 4.24 | 4.24 |
| 5 Server-to-Client Operations | | | |
| Notify | 5.1 | 5.1 | 5.1 |
| Put | 5.2 | 5.2 | 5.2 |
| 6 Message Contents | | | |
| Asynchronous Correlation Value | 6.8 | 6.8 | 6.8 |
| Asynchronous Indicator | 6.7 | 6.7 | 6.7 |
| Attestation Capable Indicator | - | - | 6.17 |
| Batch Count | 6.14 | 6.14 | 6.14 |
| Batch Error Continuation Option | 6.13 | 6.13 | 6.13 |
| Batch Item | 6.15 | 6.15 | 6.15 |
| Batch Order Option | 6.12 | 6.12 | 6.12 |
| Maximum Response Size | 6.3 | 6.3 | 6.3 |
| Message Extension | 6.16 | 6.16 | 6.16 |
| Operation | 6.2 | 6.2 | 6.2 |
| Protocol Version | 6.1 | 6.1 | 6.1 |
| Result Message | 6.11 | 6.11 | 6.11 |
| Result Reason | 6.10 | 6.10 | 6.10 |
| Result Status | 6.9 | 6.9 | 6.9 |
| Time Stamp | 6.5 | 6.5 | 6.5 |
| Unique Batch Item ID | 6.4 | 6.4 | 6.4 |
| 7 Message Format | | | |
| Message Structure | 7.1 | 7.1 | 7.1 |
| Operations | 7.2 | 7.2 | 7.2 |
| 8 Authentication | | | |
| Authentication | 8 | 8 | 8 |
| 9 Message Encoding | | | |
| Alternative Name Type Enumeration | - | - | 9.1.3.2.34 |
| Attestation Type Enumeration | - | - | 9.1.3.2.36 |
| Batch Error Continuation Option Enumeration | 9.1.3.2.29 | 9.1.3.2.30 | 9.1.3.2.30 |
| Bit Masks | 9.1.3.3 | 9.1.3.3 | 9.1.3.3 |
| Block Cipher Mode Enumeration | 9.1.3.2.13 | 9.1.3.2.14 | 9.1.3.2.14 |
| Cancellation Result Enumeration | 9.1.3.2.24 | 9.1.3.2.25 | 9.1.3.2.25 |
| Certificate Request Type Enumeration | 9.1.3.2.21 | 9.1.3.2.22 | 9.1.3.2.22 |
| Certificate Type Enumeration | 9.1.3.2.6 | 9.1.3.2.6 | 9.1.3.2.6 |
| Credential Type Enumeration | 9.1.3.2.1 | 9.1.3.2.1 | 9.1.3.2.1 |
| Cryptographic Algorithm Enumeration | 9.1.3.2.12 | 9.1.3.2.13 | 9.1.3.2.13 |
| Cryptographic Usage Mask | 9.1.3.3.1 | 9.1.3.3.1 | 9.1.3.3.1 |
| Defined Values | 9.1.3 | 9.1.3 | 9.1.3 |
| Derivation Method Enumeration | 9.1.3.2.20 | 9.1.3.2.21 | 9.1.3.2.21 |
| Digital Signature Algorithm Enumeration | - | 9.1.3.2.7 | 9.1.3.2.7 |
| Encoding Option Enumeration | - | 9.1.3.2.32 | 9.1.3.2.32 |
| Enumerations | 9.1.3.2 | 9.1.3.2 | 9.1.3.2 |
| Examples | 9.1.2 | 9.1.2 | 9.1.2 |
| Hashing Algorithm Enumeration | 9.1.3.2.15 | 9.1.3.2.16 | 9.1.3.2.16 |
| Item Length | 9.1.1.3 | 9.1.1.3 | 9.1.1.3 |
| Item Tag | 9.1.1.1 | 9.1.1.1 | 9.1.1.1 |
| Item Type | 9.1.1.2 | 9.1.1.2 | 9.1.1.2 |
| Item Value | 9.1.1.4 | 9.1.1.4 | 9.1.1.4 |
| Key Compression Type Enumeration | 9.1.3.2.2 | 9.1.3.2.2 | 9.1.3.2.2 |
| Key Format Type Enumeration | 9.1.3.2.3 | 9.1.3.2.3 | 9.1.3.2.3 |
| Key Role Type Enumeration | 9.1.3.2.16 | 9.1.3.2.17 | 9.1.3.2.17 |
| Key Value Location Type Enumeration | - | - | 9.1.3.2.35 |
| Link Type Enumeration | 9.1.3.2.19 | 9.1.3.2.20 | 9.1.3.2.20 |
| Name Type Enumeration | 9.1.3.2.10 | 9.1.3.2.11 | 9.1.3.2.11 |
| Object Group Member Enumeration | - | 9.1.3.2.33 | 9.1.3.2.33 |
| Object Type Enumeration | 9.1.3.2.11 | 9.1.3.2.12 | 9.1.3.2.12 |
| Opaque Data Type Enumeration | 9.1.3.2.9 | 9.1.3.2.10 | 9.1.3.2.10 |
| Operation Enumeration | 9.1.3.2.26 | 9.1.3.2.27 | 9.1.3.2.27 |
| Padding Method Enumeration | 9.1.3.2.14 | 9.1.3.2.15 | 9.1.3.2.15 |
| Put Function Enumeration | 9.1.3.2.25 | 9.1.3.2.26 | 9.1.3.2.26 |
| Query Function Enumeration | 9.1.3.2.23 | 9.1.3.2.24 | 9.1.3.2.24 |
| Recommended Curve Enumeration for ECDSA, ECDH, and ECMQV | 9.1.3.2.5 | 9.1.3.2.5 | 9.1.3.2.5 |
| Result Reason Enumeration | 9.1.3.2.28 | 9.1.3.2.29 | 9.1.3.2.29 |
| Result Status Enumeration | 9.1.3.2.27 | 9.1.3.2.28 | 9.1.3.2.28 |
| Revocation Reason Code Enumeration | 9.1.3.2.18 | 9.1.3.2.19 | 9.1.3.2.19 |
| Secret Data Type Enumeration | 9.1.3.2.8 | 9.1.3.2.9 | 9.1.3.2.9 |
| Split Key Method Enumeration | 9.1.3.2.7 | 9.1.3.2.8 | 9.1.3.2.8 |
| State Enumeration | 9.1.3.2.17 | 9.1.3.2.18 | 9.1.3.2.18 |
| Storage Status Mask | 9.1.3.3.2 | 9.1.3.3.2 | 9.1.3.3.2 |
| Tags | 9.1.3.1 | 9.1.3.1 | 9.1.3.1 |
| TTLV Encoding | 9.1 | 9.1 | 9.1 |
| TTLV Encoding Fields | 9.1.1 | 9.1.1 | 9.1.1 |
| Usage Limits Unit Enumeration | 9.1.3.2.30 | 9.1.3.2.31 | 9.1.3.2.31 |
| Validity Indicator Enumeration | 9.1.3.2.22 | 9.1.3.2.23 | 9.1.3.2.23 |
| Wrapping Method Enumeration | 9.1.3.2.4 | 9.1.3.2.4 | 9.1.3.2.4 |
| XML Encoding | 9.2 | - | - |
| 10 Transport | | | |
| Transport | 10 | 10 | 10 |
| 12 KMIP Client and Server Implementation Conformance | | | |
| Conformance clauses for a KMIP Server | 12.1 | - | - |
| KMIP Client Implementation Conformance | - | 12.2 | 12.2 |
| KMIP Server Implementation Conformance | - | 12.1 | 12.1 |


[Type the document title] 2277 400 399 403 402 401 V1.2-wd02 03 V1.2-wd01- 02 V1.2-wd01- 01 V1.2-wd01- Appendix E. Appendix kmip-ug-v1.2-cnprd02 Non-Standards TrackNon-Standards Revision Revision History 5/30/13 5/16/13 5/9/13 3/18/13 Date The patent provisions of the Policy The OASIS of IPR do patent provisions not the apply This Non-Standards is a Work Product. Track Judy Furlong Judy Furlong Indra Fitzgerald Judy Furlong Editor  Restructuring of UG template Conversion UGinto of OASIS current MadeChanges following ballotedfollowing proposals: Incorporation the of UGtext for the Incorporation other of UGrelated content: proposals: Incorporation the of following balloted editorialOther changes.   Copyright © Copyright OASIS Open Reserved.Rights© All 2014. vs. Applying KMIPvs. functionality) sectionSplit 3 section (Usinginto two         Use(going to Case document). theRemoved deferred item section deprecationAdded a section    Deprecation andPGP Cert Cert Type RegistrationClient Objects Compromised of State Linked Key Split OperationsAttested PGP and Alternative Name RuleDeprecation Metadata-only Object  4.3 for Naming nowTape section Section Interoperable 3.30 Key Keys now 4.2 Section Using 3.21 Wrapped now 4.1 Section Locate Queries3.18 (4.4 (4.4 4.5 and respectively 3.37.2)and moved to Section 4 the and subsections(3.37.1 Section in 3 section (now 3.34) Extensions– intro the remains Section Vendor 3.37 . Page Page 19 June 192014 81 of 83

Revision   Date     Editor
V1.2-wd03  6/27/13  Judy Furlong
V1.2-wd04  7/11/13  Judy Furlong
V1.2-wd05  8/19/13  Judy Furlong
V1.2-wd06  8/22/13  Judy Furlong

Changes recorded in revisions V1.2-wd03 through V1.2-wd06:
- Incorporated Errata for the Usage Guide 1.1
- Other UG related content changes:
  - Application Specific Information
  - Cryptographic Services
  - Templates
  - Removed Compromised State of Linked Objects section until wording can be agreed upon
  - Re-added Compromised Objects section
  - Updated Tape section 4.3 to bring Name Space in line with profile
- Edits to 3.5 to align wording with latest KMIP Spec
- Added ECC Algorithm Mapping; subsequently added new version of ECC Algorithm Mapping table
- Added information to close out incorporation of all KMIP 1.2 balloted proposals
- Re-added Acronym List; subsequently removed Acronym list in appendix (a single list will be included in the KMIP Specification)
- Updated References
- Updated participant list
- Incorporated review comments from TC members
- Other editorial and format changes

Revision    Date     Editor
V1.2-cnd01  9/13/13  Judy Furlong
V1.2-cnd0x  6/13/14  Judy Furlong

Changes recorded in revisions V1.2-cnd01 and V1.2-cnd0x:
- Converted to Committee Note Draft
- Incorporated updates to applicable references
- Incorporated updated Participants List
- Fixed Cross-references
- Incorporated Initial Public Review comments
- Removed references to KMIP 1.3 Use Case document
- Other editorial and format changes