Hi folks New member to OASIS and KMIP here.. :-) By way of introduction I was wondering if KMIP and associated technologies might be relevant to some best practices I am currently developing. To help encourage more Cloud adoption by governments, I am currently building a Cloud Maturity Model for RFPs ( cloudrfp.info ), and one of the sections is on SaaS encryption. The type of assessment criteria I'm looking to define are: * Ability to allow the creation of unique encryption keys per tenant? * Ability to support tenant-generated encryption keys or tenant-encrypted data to an identity without access to a public key certificate (e.g. Identity based encryption). * Ability to encrypt tenant data at rest (on disk/storage). * Ability to manage encryption keys on behalf of tenants. * Ability to maintain key management procedures. Any inputs appreciated, Kind regards, -- Neil McEvoy CEO, CloudBestPractices.net VP Open Cloud Ecosystem iFOSSF.org