
Compromised Objects
A Cryptographic Object or Opaque Object may be compromised for a variety of reasons. In KMIP, a
client indicates to the server that a Cryptographic Object is to be considered compromised by
performing a Revoke Operation with a Revocation Reason of Compromised. The KMIP client may
provide a Compromise Occurrence Date if it is able to estimate when the compromise occurred; if
the client is unable to provide this information, a server may set the Compromise Occurrence
Date to the Initial Date.
The KMIP specification places no requirements on a KMIP server to perform any action on any
Managed Object that references a Cryptographic Object or Opaque Object on which a client has
performed a Revoke operation with a Revocation Reason of Compromised.
KMIP users should be aware that there may be security-relevant implications in continuing to use a
Managed Cryptographic Object in the following circumstances, and that it is the responsibility of the
client to either check the state of the referenced Managed Object or to also perform a Revoke
operation on the referenced Managed Object:



For a Private Key, the linked Public Key and/or Certificate;
For a Public Key, the linked Private Key and/or Certificate;
For a Derived Key, the linked derived key and/or Secret Data Object.
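
The client-side responsibility described above can be sketched as follows. This is an added example, not text or code from the KMIP specification: it models managed objects as an in-memory dictionary rather than calling a KMIP server, and the function names, dictionary layout and sample identifiers are assumptions. It follows links transitively, which goes beyond the single-hop cases listed above.

```python
from datetime import datetime, timezone

# Link types followed per object type, mirroring the three cases listed above.
FOLLOW = {
    "PrivateKey": ("Public Key Link", "Certificate Link"),
    "PublicKey": ("Private Key Link", "Certificate Link"),
    "SymmetricKey": ("Derived Key Link", "Derivation Base Object Link"),
}

def revoke_compromised(store, uid, occurred=None):
    """Model of Revoke with Revocation Reason Compromised (not a KMIP client call)."""
    obj = store[uid]
    obj["state"] = "Compromised"
    # No client estimate: fall back to the Initial Date, as a server may do.
    obj["compromise_occurrence_date"] = occurred or obj["initial_date"]

def linked_still_trusted(store, uid):
    """UIDs reachable over the followed links that are not marked Compromised."""
    seen, stack, pending = {uid}, [uid], []
    while stack:
        obj = store[stack.pop()]
        for link_type in FOLLOW.get(obj["type"], ()):
            target = obj["links"].get(link_type)
            if target in store and target not in seen:
                seen.add(target)
                stack.append(target)
                if "Compromised" not in store[target]["state"]:
                    pending.append(target)
    return sorted(pending)

def revoke_with_links(store, uid, occurred=None):
    """Revoke uid, then revoke each linked object the server left untouched."""
    revoke_compromised(store, uid, occurred)
    revoked = linked_still_trusted(store, uid)
    for linked in revoked:
        # Assumption: linked objects inherit the same occurrence date.
        revoke_compromised(store, linked, store[uid]["compromise_occurrence_date"])
    return revoked

def sample_store():
    """Constructed sample data: a key pair and its certificate, all Active."""
    t0 = datetime(2024, 1, 1, tzinfo=timezone.utc)
    def mo(kind, **links):
        return {"type": kind, "state": "Active", "initial_date": t0, "links": links}
    return {
        "priv-1": mo("PrivateKey", **{"Public Key Link": "pub-1"}),
        "pub-1": mo("PublicKey", **{"Private Key Link": "priv-1", "Certificate Link": "cert-1"}),
        "cert-1": mo("Certificate", **{"Public Key Link": "pub-1"}),
    }
```

Calling `linked_still_trusted` alone corresponds to the "check the state" option; `revoke_with_links` corresponds to also performing Revoke on the referenced objects.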