In a Secure Key Management System (SKMS), every request/response is digitally signed. The symmetric key in a response is always encrypted. Every object in the SKMS database is digitally signed, including the audit trail. Every symmetric key is encrypted and digitally signed. The key cache is in the client.