40 likes | 122 Views
XKMS Requirements Update Frederick Hirsch, Mike Just April 23, 2002. Goals Requirements Summary General, Security Last Call Issues For Discussion (Potentially) Resolved Clarifications. Goals. Support XML security key management Register, revoke, and update key bindings
E N D
XKMS Requirements UpdateFrederick Hirsch, Mike JustApril 23, 2002 • Goals • Requirements Summary • General, Security • Last Call Issues • For Discussion • (Potentially) Resolved • Clarifications
Goals • Support XML security key management • Register, revoke, and update key bindings • Locate public keys • Validate key bindings • Enable simple diverse clients by eliminating traditional client processing complexity
General Requirements • Universal, usable, extensible: • XML with namespaces • SOAP with document literal encoding • Server (PKI) technology optionally transparent to client • Response values XML-schema typed • Policy via URI • Convey context with messages
Security Requirements • Trust services must support integrity and confidentiality via TLS and XML payload security. Mechanism such as VPN also allowed. • Responses must include request digest, URL • Registration authorization mechanisms • Proof of key possession • Specification must address issues of known-plaintext attacks and replay attacks.