OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

kmip message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [kmip] Groups - Enhancing KMIP Profile Definition to include Operations allowed for different client types uploaded

Not yet, the idea is that operation access control can be performed by server as long as we return the appropriate message to the client saying "sorry Charlie, no can do".

Robert A. (Bob) Lockhart
Chief Solutions Architect - Key Management

Thales e-Security, Inc.
2365 Bering Drive
San Jose, CA 95131

T:      +1 (954) 888 6245
TF:    +1 (888) 744-4976 x6245
F:      +1 (408) 922-1101
M:     +1 (510) 410 0585
E:      robert.lockhart@thalesesec.com<mailto:robert.lockhart@thalesesec.com>
W:     http://www.thalesgroup.com/iss

On Mar 27, 2014, at 11:01 AM, "Mark Joseph" <mark@p6r.com<mailto:mark@p6r.com>> wrote:

Hi Bob,

   So reading over the presentation are you proposing that the KMIP client implement access controls on what the application can do with a key?
Its obvious that once the client has the key it can do anything with it currently.   Also this only pertains to keys that the client gets from the KMIP server cause given enough entropy it can certainly create its own keys for local use to get around the whole issue.


Best,

Mark Joseph, Ph.D.
President P6R, Inc
408-205-0361
mark@p6r.com<mailto:mark@p6r.com>
Skype: markjoseph_sc
http://www.linkedin.com/pub/mark-joseph/0/752/4b4


Robert Lockhart <Robert.Lockhart@thalesesec.com<mailto:Robert.Lockhart@thalesesec.com>> , 3/26/2014 3:15 PM:
Submitter's message
Presentation for March 27, 2014 KMIP TC Meeting
-- Robert Lockhart
Document Name: Enhancing KMIP Profile Definition to include Operations allowed for different client types<https://www.oasis-open.org/apps/org/workgroup/kmip/document.php?document_id=52601>
________________________________
Description
Initial Presentation
Download Latest Revision<https://www.oasis-open.org/apps/org/workgroup/kmip/download.php/52601/latest/Enhancing%20KMIP%20Profiles.pptx>
Public Download Link<https://www.oasis-open.org/committees/document.php?document_id=52601&wg_abbrev=kmip>
________________________________
Submitter: Robert Lockhart
Group: OASIS Key Management Interoperability Protocol (KMIP) TC
Folder: Proposals
Date submitted: 2014-03-26 15:14:36

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]