# v1.0.2  - Dec 22, 2025

**Highlights**

* **Restricted Key Selection for Google Default Key & CSE Rules**\
  When configuring Google default keys and CSE rules, users can now select only active/enabled workspace keys, and EC keys are explicitly excluded.
* **Manual Scheduling of Key Version Deletion**\
  Key managers can now manually move disabled key versions into a scheduled destruction state to expedite removal of compromised or unused versions.
* **Cancel Scheduled Key Deletion**\
  Scheduled key deletions can be canceled during the grace period, restoring the key to a disabled state with full audit traceability.
* **Automatic Retention Enforcement for Key Versions**\
  When a key version is disabled, the system now automatically calculates and enforces retention and destruction timelines based on effective policy rules.
* **Updated Google CSE Configuration Guidelines**\
  Google Client-Side Encryption (CSE) setup documentation has been updated to reflect the latest configuration flow and workspace-scoped behavior.
* **Updated Landing Page Content**\
  The landing page has been refreshed to align with the latest Workspace Oten KMS capabilities, Google CSE integration, and governance model.

**Landing Page**

* <https://oten.com/products/kms>

**Version Info**

* v1.0.2 — Platform: Web