There appears to be some confusion about which Key Format Types go with which types. The specification, as late as version 1.3 says "
PKCS1 – This is an encoded private key,"
http://docs.oasis-open.org/kmip/spec/v1.3/csprd01/kmip-spec-v1.3-csprd01.html#_Toc441679198
However, the test cases have it used with a public key, 2.1.23 TC-132-10 http://docs.oasis-open.org/kmip/testcases/v1.2/cn01/kmip-testcases-v1.2-cn01.html#_Toc405811818
Furthermore, the specification says, " Raw – This is a key that contains only cryptographic key material, encoded as a string of bytes." It does not specify the type of key. One has to go to the user manual to discover it is supposed to only be used with symmetric keys. 3.37 http://docs.oasis-open.org/kmip/ug/v1.3/cnprd01/kmip-ug-v1.3-cnprd01.html#_Toc441680179
The X.509 key format does not give any indication which object type it is supposed to augment. Is it referring to an X.509 certificate, or only to it's public/private key, and if the latter, how does this format differ with PKCS1?
In conclusion, perhaps there should be a table linking the format types to the object types, or at least more information in the description, especially for those who are more programmers than cryptographers.
Respectfully,
However, the test cases have it used with a public key, 2.1.23 TC-132-10 http://docs.oasis-open.org/kmip/testcases/v1.2/cn01/kmip-testcases-v1.2-cn01.html#_Toc405811818
Furthermore, the specification says, " Raw – This is a key that contains only cryptographic key material, encoded as a string of bytes." It does not specify the type of key. One has to go to the user manual to discover it is supposed to only be used with symmetric keys. 3.37 http://docs.oasis-open.org/kmip/ug/v1.3/cnprd01/kmip-ug-v1.3-cnprd01.html#_Toc441680179
The X.509 key format does not give any indication which object type it is supposed to augment. Is it referring to an X.509 certificate, or only to it's public/private key, and if the latter, how does this format differ with PKCS1?
In conclusion, perhaps there should be a table linking the format types to the object types, or at least more information in the description, especially for those who are more programmers than cryptographers.
Respectfully,
This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the Futurex company. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments.