RE: [kmip] Groups - KMIP Server Conformance Proposal (KMIP ServerConform

Hi Bob,

Actually, I'm thinking the conformance text would be something like this:

An implementation SHALL be a conforming KMIP Server.
An implementation MAY conform to zero or more of the following profiles:

Symmetric Key KMIP Server
etc.

In other words, everything is a conforming KMIP Server, but may additionally conform to a particular profile or set of profiles.

That said, I would prefer that we leave out profiles entirely from the KMIP specification, but don't see a problem adding a couple profiles in (aside from it pushing out the schedule).

I'm hesitant to put 'requirements' on the profiles themselves, though, because this is a bit like 'meta-work' instead of 'real-work'. However, if we make profiles an integral part of the protocol, with a profile registry and ways for clients to retrieve the profile name, then we'll need to be precise in creating ways for the client to find out exactly which algorithms and commands are supported by the KMIP Server. This will probably be a fair bit of work, although I haven't scoped the effort.

Cheers,
-Matt

Robert Lockhart wrote:

Matt,

Would the following vebiage work for the implemtation conformance statement on page 2 line 40 of your original proposal?

"An implementation SHALL be a conforming KMIP Server and one or more conformance profiles."

Is there any reason that we need to have the conformance profile as part of the specification itself? This would require servers to claim what profiles they support.

At the same time should there be verbiage about requirements for a profile defining how each element must be implemented including supported enumerations, extensions, etc..?

Bob L.

Robert A. (Bob) Lockhart

Senior Solutions Architect

THALES Information Systems Security

From: matthew.ball@sun.com [matthew.ball@sun.com]
Sent: Wednesday, September 02, 2009 4:36 PM
To: kmip@lists.oasis-open.org
Subject: [kmip] Groups - KMIP Server Conformance Proposal (KMIP Server Conformance Proposal.pdf) uploaded

PDF version for easy viewing

-- Matthew Ball

The document revision named KMIP Server Conformance Proposal (KMIP Server
Conformance Proposal.pdf) has been submitted by Matthew Ball to the OASIS
Key Management Interoperability Protocol (KMIP) TC document repository.
This document is revision #1 of KMIP Server Conformance Proposal.doc.

Document Description:
This proposal is a subset of previous conformance proposals, aiming to do
the minimum work needed to meet the OASIS requirements for a Conformance
section. In particular, this proposal defines a 'baseline' Conformance
Clause for the KMIP Server Conformance Target.

View Document Details:
http://www.oasis-open.org/committees/document.php?document_id=34040

Download Document:
http://www.oasis-open.org/committees/download.php/34040/KMIP%20Server%20Conformance%20Proposal.pdf

Revision:
This document is revision #1 of KMIP Server Conformance Proposal.doc. The
document details page referenced above will show the complete revision
history.

PLEASE NOTE: If the above links do not work for you, your email application
may be breaking the link into two pieces. You may be able to copy and paste
the entire link address into the address field of your web browser.

-OASIS Open Administration

The information contained in this e-mail is confidential. It may also be privileged. It is only intended for the stated addressee(s) and access to it by any other person is unauthorized. If you are not an addressee or the intended addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorized use may be unlawful. If you have received this e-mail in error please delete it (and all copies) from your system, please also inform us immediately on +1 (781) 994 4000 or email ussales@thalesesec.com. Commercial matters detailed or referred to in this e-mail are subject to a written contract signed for and on behalf of Thales.

kmip message