{"draft":"draft-ietf-keyprov-dskpp-14","doc_id":"RFC6063","title":"Dynamic Symmetric Key Provisioning Protocol (DSKPP)","authors":["A. Doherty","M. Pei","S. Machani","M. Nystrom"],"format":["ASCII","HTML"],"page_count":"105","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Provisioning of Symmetric Keys","abstract":"The Dynamic Symmetric Key Provisioning Protocol (DSKPP) is a\r\nclient-server protocol for initialization (and configuration) of\r\nsymmetric keys to locally and remotely accessible cryptographic\r\nmodules.  The protocol can be run with or without private key\r\ncapabilities in the cryptographic modules and with or without an\r\nestablished public key infrastructure.\r\n\r\nTwo variations of the protocol support multiple usage scenarios.  With\r\nthe four-pass variant, keys are mutually generated by the provisioning\r\nserver and cryptographic module; provisioned keys are not transferred\r\nover-the-wire or over-the-air.  The two-pass variant enables secure\r\nand efficient download and installation of pre-generated symmetric\r\nkeys to a cryptographic module.  [STANDARDS-TRACK]","pub_date":"December 2010","keywords":["[--------]","Cryptographic module","Cryptographic Token","key initialization","credentials","online provisioning"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC6063","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc6063"}