Sun gives key management an open-source twist

Key management standards may not be the most glamorous aspect of IT security, but when you're trying to get your encryption-using devices to interoperate with your network, it matters. Now Sun's offering an open-source option.

The Crypto KMS Agent Toolkit is Sun's version of a KIMP (Key Management Interface Protocol) is, according to the company, the world's first generic communication protocol between a Key Manager and an encrypting device. It's available as part of the OpenSolaris Project.

Sun says the agent software developed with the toolkit will be able to acquire key material from key managers implementing Sun Crypto KMS Web services, which includes a number of Sun StorageTek tape drives and the HP LTO4 drives to be found in Sun libraries. And other companies are working on support for the protocol too, including EMC (which may include it as an option on RSA's RKM Key manager) and IBM.

But Sun's not the only player out there; there's an IEEE committee (1619.3) underway, and there's one under the OASIS (Organization for the Advancement of Structured Information Standards) too. Earlier this month, a consortium of vendors not including Sun said they'd be forming an OASIS KMIP tech committee. It's not clear that the OASIS standard would be interoperable with that offered by Sun, though some of the companies involved are believed to be working with Sun's standard as well.

The Sun software has been released under the terms of the BSD License.