OASIS Key Management Interoperability Protocol (KMIP) TC

 View Only
Expand all | Collapse all

Groups - KMIP TC weekly concall modified

  • 1.  Groups - KMIP TC weekly concall modified

    Posted 08-20-2009 14:46
      |   view attached

    Attachment(s)

    ics
    ical_24821.ics   3 KB 1 version


  • 2.  Discussion on Conformance

    Posted 08-20-2009 16:01
    I believe there is a need for the ability to know if a server is
    compliant to KMIP for the type of key exchange needed.  
    
    If my client needs to interact for symmetric keys, I need to know the
    server is KMIP compliant for symmetric key functions.  So, from a
    conformance clause, there needs to be a way to indicate what constitutes
    the minimum set of functions the server must support in order to make
    the claim of "conformant".
    
    Likewise, we need a profile for asymmetric key conformance.  So those
    clients needing an asymmetric key server know if it is compliant.
    
    There may be other subsets that make sense as a minimum conformance
    profile.
    
    The ability for a server to claim conformance for the superset is always
    available.  And, the server implementation could claim conformance for
    each of the minimum profiles if it had each.
    


  • 3.  Re: [kmip] Discussion on Conformance

    Posted 08-21-2009 13:31
    Zelechoski, Peter wrote:
    > I believe there is a need for the ability to know if a server is
    > compliant to KMIP for the type of key exchange needed.  
    
    There's two ways we can communicate a server's support for a particular 
    profile: out-of-band or in-band.  Is the intention that this always be 
    an out-of-band mechanism because I didn't see a mechanism for client 
    discovery of a server's support for particular features?
    
    > If my client needs to interact for symmetric keys, I need to know the
    > server is KMIP compliant for symmetric key functions.  So, from a
    > conformance clause, there needs to be a way to indicate what constitutes
    > the minimum set of functions the server must support in order to make
    > the claim of "conformant".
    > 
    > Likewise, we need a profile for asymmetric key conformance.  So those
    > clients needing an asymmetric key server know if it is compliant.
    > 
    > There may be other subsets that make sense as a minimum conformance
    > profile.
    > 
    > The ability for a server to claim conformance for the superset is always
    > available.  And, the server implementation could claim conformance for
    > each of the minimum profiles if it had each.
    > 
    > ---------------------------------------------------------------------
    > To unsubscribe from this mail list, you must leave the OASIS TC that
    > generates this mail.  Follow this link to all your TCs in OASIS at:
    > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php 
    > 
    >