[ ] Currently the key server does not store any context about where keys are generated. The server MUST be able to distinguish keys generated/imported client-side from keys generated server-side.
[ ] Additionally, the key server MUST flag ALL key types as having been retrieved in its database (separate from audit logs) during the servicing of a "retrieve" request.
Both of the above are for future security: if the key server does not save state as to where keys are created and whether or not they have been retrieved, the key server cannot enforce policies around shared control.
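As an added illustration (not code from this issue or its project), a minimal Python sketch of the persisted state the two items above call for: a per-key origin, a retrieved flag set on every successful "retrieve" regardless of key type, and one policy query built on top of that state. `Origin`, `KeyRecord`, `KeyServer` and `under_sole_server_control` are assumed names.

```python
import secrets
from dataclasses import dataclass
from datetime import datetime, timezone
from enum import Enum
from typing import Dict, Optional


class Origin(Enum):
    SERVER_SIDE = "server_side"   # generated by the key server itself
    CLIENT_SIDE = "client_side"   # generated or imported by a client


@dataclass
class KeyRecord:
    key_id: str
    origin: Origin
    material: bytes
    # Persisted in the key database, separate from the audit log.
    retrieved: bool = False
    retrieved_at: Optional[datetime] = None


class KeyServer:
    """Assumed in-memory stand-in for the key server's database."""

    def __init__(self) -> None:
        self._store: Dict[str, KeyRecord] = {}

    def generate(self, key_id: str, size: int = 32) -> None:
        # Server-generated: the server is the only party that has seen it so far.
        self._store[key_id] = KeyRecord(key_id, Origin.SERVER_SIDE, secrets.token_bytes(size))

    def import_key(self, key_id: str, material: bytes) -> None:
        # Client-generated or imported: the client already holds a copy.
        self._store[key_id] = KeyRecord(key_id, Origin.CLIENT_SIDE, material)

    def retrieve(self, key_id: str) -> bytes:
        rec = self._store[key_id]            # KeyError for unknown keys
        rec.retrieved = True                 # flagged for ALL key types
        rec.retrieved_at = datetime.now(timezone.utc)
        return rec.material

    def record(self, key_id: str) -> KeyRecord:
        return self._store[key_id]

    def under_sole_server_control(self, key_id: str) -> bool:
        # Example shared-control policy: only a server-generated key that has
        # never left the server is still exclusively controlled by the server.
        rec = self._store[key_id]
        return rec.origin is Origin.SERVER_SIDE and not rec.retrieved
```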