Reformatting README to use reStructuredText

This change reformats the README to use the syntax and formatting
recognized by reStructuredText parsers. Several typos have been fixed
along with minor rephrasing and condensing of text. All external
references have officially been replaced with direct links to the
documents and document sections in question.
This commit is contained in:
Peter Hamilton 2014-09-19 18:00:35 -04:00
parent a344fd6e41
commit 87afc0832e

View File

@ -1,131 +1,151 @@
====== ------
PyKMIP PyKMIP
====== ------
PyKMIP is a Python implementation of the Key Management Interoperability PyKMIP is a Python implementation of the Key Management Interoperability Protocol (KMIP) specification, supporting version 1.1 of the KMIP standard. The KMIP standard is governed by the `Organization for the Advancement of Structured Information Standards`_ (OASIS) and specifies a client/server-based protocol to perform key, certificate, and secret object management, including storage and maintenance operations.
Protocol (KMIP) specification, supporting version 1.1 of the KMIP standard.
KMIP is an OASIS standard specifying a client/server-based protocol to perform The PyKMIP library currently provides a KMIP client and server supporting the following operations for the KMIP SymmetricKey managed object:
key, certificate, or generic object management relating generally to storage
and maintenance operations. The PyKMIP library currently provides a KMIP * Create
client and server supporting the following operations for the KMIP * Register
SymmetricKey managed object: * Get
* Destroy
* create
* register Note that KMIP specifies profiles that tailor the standard to specific use cases. The `KMIP Profile Support`_ section includes several profiles that need to be developed for PyKMIP to fully support symmetric key storage and generation capabilities. A list of operations necessary for these profiles is included.
* get
* destroy The PyKMIP software-based KMIP server is intended for use only in testing and demonstration environments. Note that the PyKMIP server is **NOT** intended to be a substitute for secured, hardware-based KMIP appliances. The PyKMIP client should be used for operational purposes only with a hardware-based KMIP server. The development of the PyKMIP client and server should take place in parallel to facilitate testing of each operation as it is developed.
Note that KMIP specifies profiles that tailor the standard to specific use Platforms
cases. The KMIP Profile Support section below includes several profiles that =========
need to be developed for PyKMIP to more fully support the symmetric key storage PyKMIP has been tested and runs on Ubuntu 12.04 LTS.
and generation capabilities. A list of operations necessary for these profiles
are also included. .. _KMIP Profile Support:
The PyKMIP software-based KMIP server is intended for use only in testing and KMIP Profile Support
demonstration environments. Note that the PyKMIP server is NOT intended to be ====================
a substitute for secured, hardware-based KMIP appliances. The PyKMIP client The KMIP standard includes various profiles that tailor the standard for specific use cases (e.g., symmetric key storage with TLS 1.2). These profiles specify conformance to certain operations and attributes. The operations listed below are needed to support symmetric key profiles, which are also provided below. We would appreciate help in the development of these operations, and have listed our recommended order of development prioritization in descending order. Since active development of these features is already underway, please check the `code base`_ to assess the status of operations prior to development.
should be used for operational purposes only with a hardware-based KMIP server.
KMIP operations to add to PyKMIP:
Version
======= * Discover Versions
Earlier versions of PyKMIP are not intended to support KMIP profiles. Work * List
to further mature PyKMIP to add support for basic profiles is underway (see * Locate
below.) For more information on KMIP profiles, see the OASIS documentation * Check
in the reference section. * Revoke
* Get Attributes
Note that development of the PyKMIP client and server should take place in * Get Attribute List
parallel to facilitate testing of each operation as it is developed. * Add Attribute
* Modify Attribute
* Delete Attribute
Platform * Activate
======== * Query
PyKMIP has been tested and runs on Ubuntu 12.04 LTS.
Note that the Create, Register, Get, and Destroy operations were completed with the initial version of PyKMIP to allow very basic KMIP symmetric key operations.
KMIP Profile Support Server Profiles
==================== ---------------
The KMIP standard includes various profiles that tailor the standard for Server profiles that support KMIP symmetric key operations:
specific use cases, such as for symmetric key storage with TLS1.2 specified.
These profiles specify conformance to certain operations and attributes. The * `Basic Baseline Server KMIP Profile`_ (includes TLS 1.0+)
operations listed directly below are needed to support symmetric key profiles
also listed below. We would appreciate help in the development of these * Client-to-Server operations needed for this (see the `Baseline Server Clause`_) include:
operations, and have listed our recommended order of development prioritization
to consider. This list is in order of decending priority. Since development * Locate
is already underway, and code will be merged, please check the code base to * Check
assess the status of operations prior to development. Note that these operations * Get
support KMIP Profiles that are listed at the end of this document. * Get Attributes
* Get Attribute
KMIP Operations to add to PyKMIP, in our recommended order of priority: * List
- Discover Versions * Add Attribute
- Locate * Modify Attribute
- Check * Delete Attribute
- Revoke * Activate
- Get Attributes * Revoke
- Get Attribute List * Destroy
- Add Attribute * Query
- Modify Attribute * Discover Versions
- Delete Attribute
- Activate * `Symmetric Key Store and Server TLS 1.2 Authentication KMIP Profile`_
- Query
* Client-to-Server operations needed for this (see the `Symmetric Key Store and Server Conformance Clause`_) include all operations from the `Basic Baseline Server KMIP Profile`_ and also the Register operation.
Note that Create, Register, Get, and Destroy operations were completed with the
initial version of PyKMIP to allow very basic KMIP symmetric key operations. * `Symmetric Key Foundry and Server TLS 1.2 Authentication KMIP profile`_
* Client-to-Server operations needed for this (see the `Symmetric Key Foundry and Server Conformance Clause`_) include all operations from the `Basic Baseline Server KMIP Profile`_ and also the Create operation.
Profiles that support KMIP symmetric key opererations (see link in references
section): Client Profiles
---------------
4.2* "Basic Baseline Server KMIP Profile" (includes TLS 1.0+) Client profiles that support KMIP symmetric key operations:
Client to Server Operations needed for this (See 5.2*):
Required operations include Locate, Check, Get, Get Attributes, Get Attribute * `Basic Baseline Client KMIP Profile`_ (includes TLS 1.0+)
List, Add Attribute, Modify Attribute, Delete Attribute, Activate, Revoke,
Destroy, Query, and Discover Versions (but not Register or Create) * Client-to-Server operations needed for this (see the `Baseline Client Clause`_) include:
4.14* "Symmetric Key Store and Server TLS 1.2 Authentication KMIP Profile" * Locate
Client to Server Operations needed for this (See 5.4*) * Check
- All operations from *4.2 and also Register operation * Get
* Get Attributes
4.15* "Symmetric Key Foundry and Server TLS 1.2 Authentication KMIP profile" * Get Attribute
Client to Server Operations needed for this (See 5.5*) * List
- All operations from *4.2 and also Create operation * Add Attribute
* Modify Attribute
4.22* "Basic Baseline Client KMIP Profile" (includes TLS 1.0+) * Delete Attribute
Client to Server Operations needed for this (See 5.12*): * Activate
Required operations include Locate, Check, Get, Get Attributes, Get Attribute * Revoke
List, Add Attribute, Modify Attribute, Delete Attribute, Activate, Revoke, * Destroy
Destroy, Query, and Discover Versions (but not Register or Create) * Query
* Discover Versions
4.34* "Symmetric Key Store Client TLS 1.2 Authentication KMIP Profile"
Client to Server Operations needed for this (See 5.14*) * `Symmetric Key Store Client TLS 1.2 Authentication KMIP Profile`_
- All operations from *4.22 and also Register operation
* Client-to-Server operations needed for this (see the `Symmetric Key Store Client Conformance Clause`_) include all operations from the `Basic Baseline Client KMIP Profile`_ and also the Register operation.
4.35* "Symmetric Key Foundry Client TLS 1.2 Authentication KMIP profile"
Client to Server Operations needed for this (See 5.15*) * `Symmetric Key Foundry Client TLS 1.2 Authentication KMIP Profile`_
- All operations from *4.22 and also Create operation
* Client-to-Server operations needed for this (see the `Symmetric Key Foundry Client Conformance Clause`_) include all operations from the `Basic Baseline Client KMIP Profile`_ and also the Create operation.
4.42* "Storage Client TLS 1.2 Authentication KMIP Profile"
Client to Server Operations needed for this (See 5.21*) * `Storage Client TLS 1.2 Authentication KMIP Profile`_
- All operations from *4.22, Register from *4.34, and Create from *4.35
* Client-to-Server operations needed for this (see the `Storage Client Conformance Clauses`_) include all operations from the `Basic Baseline Client KMIP Profile`_, the Register operation from the `Symmetric Key Store Client TLS 1.2 Authentication KMIP Profile`_, and the Create operation from the `Symmetric Key Foundry Client TLS 1.2 Authentication KMIP Profile`_.
* This designator points to a section in the Key Management Interoperability References
Profiles Version 1.1. The link to this document is in the references section ==========
below. The source code for PyKMIP is hosted on GitHub and the library is available for installation from the Python Package Index (PyPI):
References * `GitHub <https://github.com/OpenKMIP/PyKMIP>`_
========== * `PyPI <https://pypi.python.org/pypi/PyKMIP>`_
For more information on the KMIP specification, see the `OASIS documentation For more information on KMIP version 1.1, see the following documentation:
for KMIP
<http://docs.oasis-open.org/kmip/spec/v1.1/os/kmip-spec-v1.1-os.html>`_. * `Key Management Interoperability Protocol Specification Version 1.1`_
<http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html>`_. * `Key Management Interoperability Protocol Profiles Version 1.1`_
* `Key Management Interoperability Protocol Test Cases Version 1.1`_
Contributors Contributors
============ ============
Many thanks to the developers who created PyKMIP: Many thanks to the developers who created PyKMIP:
Nathan Reller <nathan.reller@jhuapl.edu> * `Nathan Reller <nathan.reller@jhuapl.edu>`_
Peter Hamilton <peter.hamilton@jhuapl.edu> * `Peter Hamilton <peter.hamilton@jhuapl.edu>`_
Kaitlin Farr <kaitlin.farr@jhuapl.edu> * `Kaitlin Farr <kaitlin.farr@jhuapl.edu>`_
.. _code base: https://github.com/OpenKMIP/PyKMIP
.. _Organization for the Advancement of Structured Information Standards: https://www.oasis-open.org/
.. _Key Management Interoperability Protocol Specification Version 1.1: http://docs.oasis-open.org/kmip/spec/v1.1/os/kmip-spec-v1.1-os.html
.. _Key Management Interoperability Protocol Profiles Version 1.1: http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html
.. _Key Management Interoperability Protocol Test Cases Version 1.1: http://docs.oasis-open.org/kmip/testcases/v1.1/cn01/kmip-testcases-v1.1-cn01.html
.. _Basic Baseline Server KMIP Profile: http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html#_Toc332820691
.. _Symmetric Key Store and Server TLS 1.2 Authentication KMIP Profile: http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html#_Toc332820703
.. _Symmetric Key Foundry and Server TLS 1.2 Authentication KMIP Profile: http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html#_Toc332820704
.. _Basic Baseline Client KMIP Profile: http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html#_Toc332820711
.. _Symmetric Key Store Client TLS 1.2 Authentication KMIP Profile: http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html#_Toc332820723
.. _Symmetric Key Foundry Client TLS 1.2 Authentication KMIP Profile: http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html#_Toc332820724
.. _Storage Client TLS 1.2 Authentication KMIP Profile: http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html#_Toc332820731
.. _Baseline Server Clause: http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html#_Toc332820736
.. _Symmetric Key Store and Server Conformance Clause: http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html#_Toc332820742
.. _Symmetric Key Foundry and Server Conformance Clause: http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html#_Toc332820745
.. _Baseline Client Clause: http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html#_Toc332820766
.. _Symmetric Key Store Client Conformance Clause: http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html#_Toc332820772
.. _Symmetric Key Foundry Client Conformance Clause: http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html#_Toc332820775
.. _Storage Client Conformance Clauses: http://docs.oasis-open.org/kmip/profiles/v1.1/os/kmip-profiles-v1.1-os.html#_Toc332820793