1 / 4

XKMS Requirements Update Frederick Hirsch, Mike Just April 23, 2002

XKMS Requirements Update Frederick Hirsch, Mike Just April 23, 2002. Goals Requirements Summary General, Security Last Call Issues For Discussion (Potentially) Resolved Clarifications. Goals. Support XML security key management Register, revoke, and update key bindings

kimn
Download Presentation

XKMS Requirements Update Frederick Hirsch, Mike Just April 23, 2002

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. XKMS Requirements UpdateFrederick Hirsch, Mike JustApril 23, 2002 • Goals • Requirements Summary • General, Security • Last Call Issues • For Discussion • (Potentially) Resolved • Clarifications

  2. Goals • Support XML security key management • Register, revoke, and update key bindings • Locate public keys • Validate key bindings • Enable simple diverse clients by eliminating traditional client processing complexity

  3. General Requirements • Universal, usable, extensible: • XML with namespaces • SOAP with document literal encoding • Server (PKI) technology optionally transparent to client • Response values XML-schema typed • Policy via URI • Convey context with messages

  4. Security Requirements • Trust services must support integrity and confidentiality via TLS and XML payload security. Mechanism such as VPN also allowed. • Responses must include request digest, URL • Registration authorization mechanisms • Proof of key possession • Specification must address issues of known-plaintext attacks and replay attacks.

More Related