The W3C XML Key Management Working Group has released Last Call Working Drafts for XML Key Management Specification (XKMS) Version 2.0 and XML Key Management Specification (XKMS) Bindings Version 2.0. The specifications define protocols "for distributing and registering public keys for use with XML Signature and XML Encryption. The XKMS specification contains two parts: the XML Key Information Service Specification (X-KISS) and the XML Key Registration Service Specification (X-KRSS). "These protocols do not require any particular underlying public key infrastructure (such as X.509) but are designed to be compatible with such infrastructures." X-KISS specifies a protocol "to support the delegation by an application to a service of the processing of key information associated with an XML signature, XML encryption, or other usage of the XML Signature <ds:KeyInfo> element." X-KRSS defines a protocol "to support the registration of a key pair by a key pair holder, with the intent that the key pair subsequently be usable in conjunction with the XML Key Information Service Specification or a Public Key Infrastructure (PKI) such as X.509 (PKIX). While the specification uses the terms 'trust' and 'policy' informally, it does not define semantics nor processing associated with either. Instead,it defines how a Validate Service returns information that has been validated according to external trust and policy specifications... the benefit of an XKMS Validate Service is that it provides a front end to different security and PKI technologies with their own particular semantics." The WG invites comments on the specifications until May 23, 2003.
Bibliographic Information for XKMS Working Drafts
XML Key Management Specification (XKMS) Version 2.0. W3C Working Draft 18-April-2003. Edited by Phillip Hallam-Baker (VeriSign). Version URL: http://www.w3.org/TR/2003/WD-xkms2-20030418/. Latest version URL: http://www.w3.org/TR/xkms2/. Previous version URL: http://www.w3.org/TR/2002/WD-xkms2-20020318/. Contributions by: Daniel Ash (Identrus), Blair Dillaway (Microsoft), Donald Eastlake 3rd (Motorola), Yassir Elley (Sun Microsystems), Jeremy Epstein (webMethods), Stephen Farrell (Baltimore, Co-Chair), Phillip Hallam-Baker (VeriSign Inc., Editor),), Loren Hart (VeriSign Inc.), Mack Hicks (Bank of America), Merlin Hughes (Baltimore), Frederick Hirsch (Nokia Mobile Phones), Mike Just (Treasury Board of Canada Secretariat), Brian LaMacchia (Microsoft), Pradeep Lamsal, Shivaram Mysore (Sun Microsystems, Co-Chair), Joseph Reagle (W3C), Dave Remy (GeoTrust, Inc.), Peter Rostin (RSA Security Inc.), Ed Simon (XMLsec Inc.), and Slava Galperin (Sun Microsystems).
XML Key Management Specification (XKMS) Bindings Version 2.0. W3C Working Draft 18-April-2003. Edited by Phillip Hallam-Baker (VeriSign). Version URL: http://www.w3.org/TR/2003/WD-xkms2-bindings-20030418/. Latest version URL: http://www.w3.org/TR/xkms2-bindings/. Previous version URL: http://www.w3.org/TR/2002/WD-xkms2-20020318/.
"The W3C XML Signature and XML Encryption Activities focus on the processes of signature and encryption, not on how a cryptographic key, necessary to these processes, is actually obtained. Consequently, there is a requirement that simple XML based clients be able to securely obtain keys, including those from pre-existing Public Key Infrastructures (PKI). The role of this Activity is to satisfy these requirements in a manner that is consistent with the XML and XML Signature architectural approach. Work on XKMS being managed as part of W3C's Technology and Society domain." [from the Activity Statement]
- XML Key Management Specification (XKMS) Version 2.0. W3C Working Draft 18-April-2003.
- XML Key Management Specification (XKMS) Bindings Version 2.0. W3C Working Draft 18-April-2003.
- Feedback: send comments to the editor, Phillip Hallam-Baker
- Mail Archives for list 'email@example.com'
- XML Key Management Requirements. W3C Working Draft 10-January-2003. Documents the "design principles, scope and requirements for XML Key Management specifications and trust server key management implementations; includes requirements as they relate to the key management syntax, processing, security and coordination with other standards activities."
- See also: XML Key Management Specification Bulk Operation (X-BULK). W3C Working Draft 18-March-2002.
- W3C XML Digital Signatures Activity Statement
- W3C XML Encryption Activity Statement
- W3C XML Key Management (XKMS) Activity Statement
- XML Key Management Working Group Charter
- W3C XML Key Management Working Group
- "XML Key Management Specification (XKMS)" - Main reference page.
- XML and Security - General reference page.