Subject: RE: [kmip] Split Key proposal


[STUFF DELETED]
> Unfortunately, I think these use cases are all we can address today.
> Server distribution of keys using KMIP would be done in a non-interoperable
> way based on server policy/ACLs. Client side distribution of keys (which
> breaks auditing control) is more the current KMIP flavor it seems.

[<[Bob]>] Which is fair enough and a reasonable outcome of my emails -- If this ends up being the conclusion, then I just think that putting a 'financial' label on a use case will be a bit disingenuous, that's all.  Which is why I was documenting my thoughts -- I have hopes that the KMIP brain-trust can find a way to make it work and make sense.

[STUFF DELETED] 
> If PC2 is KMIP unaware and owned by a separate enterprise, I think
> auditing within KMIP will have its limitations regardless of KMIP ACL
> constraints. I do however think many more use cases will open up if a
> Split Key creator can tell the server who can access them.
> 

[<[Bob]>] That is true for the owners of PC2, but the owners of PC1 would be happy.  The owners could decide to retire the key in use, and PC1 would happily make it unavailable.  This is the key management equivalent of "taking your ball and going home".  PC2 wouldn't figure it out until they tried to use the key to exchange with PC1, and when they failed, they would contact PC1 and they could inform PC2 what they did, and they would have a nice audit trail to back it up ("As per our policy, we retired the key upon its 1 year anniversary and have generated new key components if you're ready to exchange a new key").  Hopefully it wouldn't come to that as no one likes to be surprised, but that's the extreme case of maximum control and audit trails.

I *think* the ultimate solution in the financial world will be to get away from manual key distribution altogether (e.g. key splits) and move to more automated methods, but we are a ways away from that I'm afraid.

Thanks for the feedback,

Bob
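The scenario discussed in this thread (a key split into components, a server that only hands a component to the parties the creator named, and a retirement that makes the key unavailable while leaving an audit trail) as an added, stand-alone example; it is not code from this thread or from any KMIP implementation. XOR is one of the Split Key Methods KMIP defines; the server model, its state names and the custodian identities are assumptions.

```python
import secrets
from dataclasses import dataclass, field

def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("components must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))

def split_key_xor(key: bytes, parts: int) -> list[bytes]:
    """Return `parts` components whose XOR is `key`. Any parts-1 of them
    are uniformly random, so no subset short of all of them reveals the key."""
    if parts < 2:
        raise ValueError("need at least two components")
    comps = [secrets.token_bytes(len(key)) for _ in range(parts - 1)]
    last = key
    for c in comps:
        last = xor_bytes(last, c)
    return comps + [last]

def combine_xor(components: list[bytes]) -> bytes:
    out = bytes(len(components[0]))
    for c in components:
        out = xor_bytes(out, c)
    return out

@dataclass
class SplitKeyServer:
    """Hypothetical server model (assumption): the creator registers who may
    fetch each component; every request and the retirement are logged."""
    keys: dict = field(default_factory=dict)
    audit: list = field(default_factory=list)   # (key_id, op, who, result)

    def register(self, key_id, components, allowed_by_index):
        self.keys[key_id] = {"comps": components, "acl": allowed_by_index,
                             "state": "Active"}
        self.audit.append((key_id, "register", "creator", "ok"))

    def get_component(self, key_id, index, requester):
        entry = self.keys[key_id]
        if entry["state"] != "Active":            # retired key: refuse, log state
            self.audit.append((key_id, "get", requester, entry["state"]))
            raise PermissionError(f"{key_id} is {entry['state']}")
        if requester not in entry["acl"].get(index, ()):   # creator-set ACL
            self.audit.append((key_id, "get", requester, "denied"))
            raise PermissionError(f"{requester} may not read component {index}")
        self.audit.append((key_id, "get", requester, "ok"))
        return entry["comps"][index]

    def revoke(self, key_id, reason):
        self.keys[key_id]["state"] = "Deactivated"
        self.audit.append((key_id, "revoke", reason, "ok"))
```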