KMIP 3.0 - oasis-tcs/kmip GitHub Wiki
KMIP 3.0
Status
KMIP v3.0 Specification & Profiles (Normative documents) are currently at Working Draft Stage.
WD Link Location
Agreement
The KMIP TC will test v3.0 functionality at TBA.
Current Proposals
| Topic | Actions | Spec | Profile | Test Cases | Usage Guide | Who | Open/ Closed | Due Date | Status |
|---|---|---|---|---|---|---|---|---|---|
| PKCS#11 XML | adopt XML representation of PKCS#11 for the KMIP PKCS#11 Profile and associated test cases | - | Comp | Comp | Req | Tim C & Tim H | Closed | 11-Mar-2021 | Proposal Approved at Face 2 Face Meeting on 20-Feb-2020 - PKCS#11 XML approval in PKCS#11 TC (14-Oct-2020) - PKCS#11 XML profile delta Approved at the KMIP TC Meeting on 11-March-2021 - Added to KMIP Profiles V3.0 WD02 |
| Split Key | add new Split Key Polynomial attribute, add the two missing links and add the four omitted attributes to KMIP | Comp | - | Comp | Req | Chuck W | Closed | 31-Jul-2020 | Spec Delta approved at TC Meeting 30-Jul-2020, Applied to KMIP Spec V3.0 WD03, Usage Guide Text, Test Cases |
| Client Mutual Authentication | Provide spec deltas for Spec & Profiles to asses impact | Comp | Base | Comp | Req | Tim C | Closed | 22-Oct-2020 | Proposal approved 20-Feb-2020 for spec & profiles delta; Spec delta approved 22-Oct-2020 - Added in KMIP Spec v3.0 WD07 |
| Miscellaneous (batch) | Proceed with removing the Batch Count, Batch Order Option and Unique Batch Item ID in KMIP | Comp | - | Comp | - | Anthony B | Closed | 30-Jul-2020 | Spec delta approved 30-Jul-2020 - Applied in KMIP Spec V3.0 WD03 |
| Obliterate | Move forward with spec deltas for the new ‘Obliterate’ operation. This operation will NOT remove the UUID | Comp | - | Comp | Req | Anthony B | Closed | 27-Aug-2020 | Spec delta approved 27-Aug-2020 - Applied in KMIP Spec V3.0 WD04 |
| Obliterate (Naming) | Open Straw Poll for preferred name for this operation | - | - | - | - | Tony C | Closed | 15-May-2020 | Straw poll required - closed with vote for Obliterate - Results |
| Name Representation | Move forward with Spec deltas for simplifying the Name representation to just TextString | Comp | Base | - | - | Tim H | Closed | 21-May-2020 | Approved 21-May-2020 Applied to KMIP Spec V3.0 WD02 |
| Link Representation | Move forward with this proposal and produce KMIP Spec deltas for the new Link Representation | Comp | Base | - | - | Tim H | Closed | 04-Jun-2020 | Spec delta - Approved 4-June-2020 - Applied to KMIP Spec V3.0 WD02 |
| Name Lifecycle | Move forward with this proposal and produce KMIP Spec deltas for Name Lifecycle and the ‘hold’ concept | Comp | Base | Comp | Req | Tim H | Closed | 06-Aug-2020 | Spec delta - Approved 06-Aug-2020 - Applied to KMIP Spec V3.0 WD03 |
| Grouping Objects | Move forward with this proposal and produce KMIP Spec deltas for Grouping Objects | Comp | Base | Comp | Req | Tim H | Closed | 06-Aug-2020 | Spec delta - Approved 06-Aug-2020 - Applied to KMIP Spec V3.0 WD03 |
| Group Hierarchy | Move forward with this proposal and produce KMIP Spec deltas for Group Hierarchy | Comp | Base | Comp | Req | Tim H | Closed | 10-Sep-2020 | Spec delta - Approved 10-Sept-2020 - Applied to KMIP Spec V3.0 WD05 |
| Lists of Groups | Move forward with this proposal and produce KMIP Spec deltas for List of Groups | Comp | Base | Comp | Req | Tim H | Closed | 30-Aug-2020 | Proposal approved 21-Feb-2020 for spec delta; spec update included in kmip-spec-v3.0-wd02-grouping-objects - Applied to KMIP Spec V3.0 WD02 |
| Automation Architecture | Move forward with this proposal and produce KMIP Spec deltas | Comp | Base | Comp | Req | Tim H | Closed | 30-Jul-2020 | Spec delta - Approved 30-Jul-2020] - Applied to KMIP Spec V3.0 WD03 |
| User Handling (Clients and Credentials as Users) | Move forward with this proposal and produce KMIP Spec deltas | Comp | Base | Comp | Req | Tim H | Closed | 01-Oct-2020 | Spec Delta - Approved 1-Oct-2020 - Applied to KMIP Spec V3.0 WD06 |
| Identifiers or References | Move forward with this proposal and produce KMIP Spec deltas | Comp | Base | - | Req | Tim H | Closed | 6-Aug-2020 | Proposal approved 21-Feb-2020 for spec delta effectively as part of Name Lifecycle - included in Links Representation - Applied to KMIP Spec V3.0 WD02 |
| Revoke & Deactivate | Move forward with this proposal and produce KMIP Spec deltas | Comp | Base | Comp | Req | Tim H | Closed | 17 Dec-2020 | Spec Delta approved 17-Dec-2020 - Applied in KMIP Spec V3.0 WD08 |
| Change split key references to SAM TC specification | Track this update | Comp | - | - | - | Greg S | Closed | 27-Feb-2025 | Included in KMIP Spec V3.0 WD20 - Approved in TC Meeting of March 27,2025 |
| NIST PQC Identifiers | Adding Cryptographic Algorithm Identifiers for NIST PQC FIPS-203, FIPS-204, and FIPS-205 | Comp | Comp | Comp | Req | Tim C | Closed | 14-Dec-2023 | Proposal approved 14-Dec-2023 - Applied in KMIP Spec V3.0 WD16 |
| Proposed Curve Cleanup | During revision found that ANSIX9C2PNB176W1 was mistyped as ANSIX9C2PNB176V1. Also 4 ANSI X9 curves do not have enumeration in the KMIP Spec - ANSIX9C2TNB191V4, ANSIX9C2TNB191V5, ANSIX9C2TNB239V4 and ANSIX9C2TNB239V5. | Req | - | - | Req | Tim C | Open | 26-Jul-2025 | Applied in KMIP Spec V3.0 WD20 |
Key to Spec, Profile, Test Cases and Usage Guide
Base = Topic affects a Base Profile Req = Required Prov = Provided Comp = Complete TBA = To Be Advised
Pending Proposals
| Topic | Actions | Spec | Profile | Test Cases | Usage Guide | Who | Open/ Closed | Due Date | Status |
|---|---|---|---|---|---|---|---|---|---|
| Other System Objects | More detailed proposals are needed | Y | TBA | TBA | TBA | Tim H | Open | TBA | Spec delta approved 17-Dec-2020; Moved to KMIP 3.1 worklist - Refer to KMIP TC Meeting of March 27, 2025 |
| LMS Signature Proposal | Proposal required - Standardized algorithm from NIST SP 800-208 Recommendation for Stateful Hash-Based Signature Schemes. proposal & test case required | TBA | TBA | TBA | TBA | ??? | Open | TBA | Noted in meeting of 12-Jan-2023 - Moved to KMIP 3.1 worklist - Refer to KMIP TC Meeting of March 27, 2025 |
| XMSS Signature Proposal | Proposal required - Standardized algorithm from NIST SP 800-208 Recommendation for Stateful Hash-Based Signature Schemes. Specifically because XMSS is already defined as a cryptographic identifier in KMIP 2.0 - proposal & test case required | TBA | TBA | TBA | TBA | ??? | Open | TBA | Noted in meeting of 12-Jan-2023 - Moved to KMIP 3.1 worklist - Refer to KMIP TC Meeting of March 27, 2025 |
| Hash then Sign Proposal | Members report that this is contained in NCCoE PQC Migration project analysis document and expects work to be at a point in early Feb for this to be shared with the TC | - | - | - | - | - | Closed | 27-Mar-2025 | Noted in meeting of 12-Jan-2023 - No Longer Required - Refer to KMIP TC Meeting of March 27, 2025 |
Items from public comments not captured elsewhere that need to be reviewed and managed to resolution
| No | Issue Title | Description | Proposed Actions | Who | Date(s) Approved | Links to Ballots and/or Minutes where approved | Added to Which Document by Editor(s) | Content reviewed by whom during committee review/Date |
|---|---|---|---|---|---|---|---|---|
| 1 | Cryptographic Usage Mask | Public Comment picked up and repeated to KMIP TC List Email comment re cryptographic usage mask after key revocation | Draft proposal to address issues across versions/documents | Tim H | 27-Mar-2025 | TC Meeting March 27, 2025 | Sect 4.19 Usage Guide | Not Required |
Previously Proposed Topics
| Topic | Actions | Spec | Profile | Test Cases | Usage Guide | Who | Open/ Closed | Due Date | Status |
|---|