W3C has announced a call for papers and registration in connection with a workshop on XML Key Management Services, to be held July 19, 2001 in Redwood City, California. The goal of the workshop is "to consider the requirements for simple key resolution and trust services for XML security applications, the degree to which the XKMS specification satisfies those requirements, and to determine if there is sufficient focus and interest to propose a W3C activity in this area." The workshop will focus upon 'questions of key trustworthiness' which hitherto have not been in scope for W3C activities under the XML Signature and XML Encryption work. The workshop organizers believe the broader questions of trust not yet fully accounted for in W3C activity, including confidence in a key, "are critical to secure XML applications, reliable XML protocols and trusted Web services. Topics likely to be discussed at this workshop include: (1) XML Security application key management requirements (2) Dependencies upon XML Protocol, Web services, XML Query, Semantic Web, and transport protocols [e.g., HTTP]; (3) Security considerations resulting from a specification; (4) The scope of any resulting W3C Activity." Workshop attendance will be limited to forty-five (45) participants, based upon the quality of position papers submitted and [preference for] membership in a W3C Working Group.

XKMS Background: "Recently, a number of W3C Members made an XKMS Submission that adds an additional layer of security services to Web standards. XKMS address these issues in two parts: X-KISS and X-KRSS. First, the X-KISS specification defines a protocol for a Trust service that resolves the key information contained in an XML Signature or Encryption element. This permits a client to delegate part or all of the tasks required to process key information. This delegation is useful in that a light-weight, XML only client can delegate the processing of other formats (ASN1 encoded certificates) and their semantics (X509 semantics and path validation rules) to an external service. Second, the X-KRSS specification defines a protocol for a Web service that accepts registration of public key information. Once registered, the public key may be used in conjunction with other Web services including X-KISS..."