Re: [kmip] A question about KMIP Conformance Profiles

[Tim Hudson <tjh@cryptsoft.com>]

On 13/01/2015 3:01 AM, Mark Joseph wrote:
> Hi All,
>
>     We have a question about KMIP Conformance profiles.   We have a
> KMIP client implementation (not an SDK) inside an SSH server.   It is
> used to implement the SSH authentication protocols (RFC 4252, 4819,
> 7076).    In this application the KMIP client just manages the Public
> Key of the Client machine on the KMIP server.    We wanted to test
> this client against the Conformance profiles but they all operate on
> both the Public and Private keys.      We feel it would be useful to
> show this practical application of KMIP to the outside world but don't
> see how using our existing profiles.   Any suggestions on what we can
> do here?

The concept of profiles is to outline a particular use of KMIP that is
of sufficient general interest that documenting it as a template for use
for others solving the same problem makes sense and is of sufficient
interest to also make sense for vendors to be able to use for
determining whether or not a given client and server combination will
support that usage.

Seeing the message flows (test cases) that match the usage you are
describing would make it clearer as to how different the usage you are
outlining is from existing profiles - right now to me at least I don't
know the scope of what you are proposing.

If it makes sense to have a new profile (the usage is sufficiently
different to existing profiles to make sense to have separately) then
you need to seek interest amongst the TC members for a new profile,
document the profile, and go through the OASIS process to get the
profile as a recognised specification.

Tim.