The W3C XML Key Management Working Group has released Last Call Working Drafts for XML Key Management Specification (XKMS) Version 2.0 and XML Key Management Specification (XKMS) Bindings Version 2.0. The specifications define protocols "for distributing and registering public keys for use with XML Signature and XML Encryption." The XKMS specification contains two parts: the XML Key Information Service Specification (X-KISS) and the XML Key Registration Service Specification (X-KRSS). "These protocols do not require any particular underlying public key infrastructure (such as X.509) but are designed to be compatible with such infrastructures."
X-KISS specifies a protocol "to support the delegation by an application to a service of the processing of key information associated with an XML signature, XML encryption, or other usage of the XML Signature <ds:KeyInfo> element." X-KRSS defines a protocol "to support the registration of a key pair by a key pair holder, with the intent that the key pair subsequently be usable in conjunction with the XML Key Information Service Specification or a Public Key Infrastructure (PKI) such as X.509 (PKIX). While the specification uses the terms 'trust' and 'policy' informally, it does not define semantics nor processing associated with either. Instead, it defines how a Validate Service returns information that has been validated according to external trust and policy specifications... the benefit of an XKMS Validate Service is that it provides a front end to different security and PKI technologies with their own particular semantics."
The WG invites comments on the specifications until May 23, 2003.
Bibliographic Information for XKMS Working Drafts
XML Key Management Specification (XKMS) Version 2.0. W3C Working Draft 18-April-2003. Edited by Phillip Hallam-Baker (VeriSign). Version URL: http://www.w3.org/TR/2003/WD-xkms2-20030418/. Latest version URL: http://www.w3.org/TR/xkms2/. Previous version URL: http://www.w3.org/TR/2002/WD-xkms2-20020318/. Contributions by: Daniel Ash (Identrus), Blair Dillaway (Microsoft), Donald Eastlake 3rd (Motorola), Yassir Elley (Sun Microsystems), Jeremy Epstein (webMethods), Stephen Farrell (Baltimore, Co-Chair), Phillip Hallam-Baker (VeriSign Inc., Editor), Loren Hart (VeriSign Inc.), Mack Hicks (Bank of America), Merlin Hughes (Baltimore), Frederick Hirsch (Nokia Mobile Phones), Mike Just (Treasury Board of Canada Secretariat), Brian LaMacchia (Microsoft), Pradeep Lamsal, Shivaram Mysore (Sun Microsystems, Co-Chair), Joseph Reagle (W3C), Dave Remy (GeoTrust, Inc.), Peter Rostin (RSA Security Inc.), Ed Simon (XMLsec Inc.), and Slava Galperin (Sun Microsystems).
XML Key Management Specification (XKMS) Bindings Version 2.0. W3C Working Draft 18-April-2003. Edited by Phillip Hallam-Baker (VeriSign). Version URL: http://www.w3.org/TR/2003/WD-xkms2-bindings-20030418/. Latest version URL: http://www.w3.org/TR/xkms2-bindings/. Previous version URL: http://www.w3.org/TR/2002/WD-xkms2-20020318/.
XKMS Activity
"The W3C XML Signature and XML Encryption Activities focus on the processes of signature and encryption, not on how a cryptographic key, necessary to these processes, is actually obtained. Consequently, there is a requirement that simple XML based clients be able to securely obtain keys, including those from pre-existing Public Key Infrastructures (PKI). The role of this Activity is to satisfy these requirements in a manner that is consistent with the XML and XML Signature architectural approach. Work on XKMS is being managed as part of W3C's Technology and Society domain." [from the Activity Statement]
Principal references:
- XML Key Management Specification (XKMS) Version 2.0. W3C Working Draft 18-April-2003.
- XML Key Management Specification (XKMS) Bindings Version 2.0. W3C Working Draft 18-April-2003.
- Feedback: send comments to the editor, Phillip Hallam-Baker
- Mail Archives for list 'www-xkms@w3.org'
- XML Key Management Requirements. W3C Working Draft 10-January-2003. Documents the "design principles, scope and requirements for XML Key Management specifications and trust server key management implementations; includes requirements as they relate to the key management syntax, processing, security and coordination with other standards activities."
- See also: XML Key Management Specification Bulk Operation (X-BULK). W3C Working Draft 18-March-2002.
- W3C XML Digital Signatures Activity Statement
- W3C XML Encryption Activity Statement
- W3C XML Key Management (XKMS) Activity Statement
- XML Key Management Working Group Charter
- W3C XML Key Management Working Group
- "XML Key Management Specification (XKMS)" - Main reference page.
- XML and Security - General reference page.