[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [kmip] Groups - Enhancing KMIP Profile Definition to include Operations allowed for different client types uploaded
Not yet, the idea is that operation access control can be performed by server as long as we return the appropriate message to the client saying "sorry Charlie, no can do". Robert A. (Bob) Lockhart Chief Solutions Architect - Key Management Thales e-Security, Inc. 2365 Bering Drive San Jose, CA 95131 T: +1 (954) 888 6245 TF: +1 (888) 744-4976 x6245 F: +1 (408) 922-1101 M: +1 (510) 410 0585 E: robert.lockhart@thalesesec.com<mailto:robert.lockhart@thalesesec.com> W: http://www.thalesgroup.com/iss On Mar 27, 2014, at 11:01 AM, "Mark Joseph" <mark@p6r.com<mailto:mark@p6r.com>> wrote: Hi Bob, So reading over the presentation are you proposing that the KMIP client implement access controls on what the application can do with a key? Its obvious that once the client has the key it can do anything with it currently. Also this only pertains to keys that the client gets from the KMIP server cause given enough entropy it can certainly create its own keys for local use to get around the whole issue. Best, Mark Joseph, Ph.D. President P6R, Inc 408-205-0361 mark@p6r.com<mailto:mark@p6r.com> Skype: markjoseph_sc http://www.linkedin.com/pub/mark-joseph/0/752/4b4 Robert Lockhart <Robert.Lockhart@thalesesec.com<mailto:Robert.Lockhart@thalesesec.com>> , 3/26/2014 3:15 PM: Submitter's message Presentation for March 27, 2014 KMIP TC Meeting -- Robert Lockhart Document Name: Enhancing KMIP Profile Definition to include Operations allowed for different client types<https://www.oasis-open.org/apps/org/workgroup/kmip/document.php?document_id=52601> ________________________________ Description Initial Presentation Download Latest Revision<https://www.oasis-open.org/apps/org/workgroup/kmip/download.php/52601/latest/Enhancing%20KMIP%20Profiles.pptx> Public Download Link<https://www.oasis-open.org/committees/document.php?document_id=52601&wg_abbrev=kmip> ________________________________ Submitter: Robert Lockhart Group: OASIS Key Management Interoperability Protocol (KMIP) TC Folder: Proposals Date submitted: 2014-03-26 15:14:36
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]