This update focuses on meeting the XKMS requirements for supporting XML security key management. Goals include registering, revoking, and updating key bindings, locating public keys, and validating key bindings to simplify client processing. General requirements are universal, usable, and extensible, leveraging XML namespaces, SOAP with document literal encoding, and server PKI technology. Security requirements ensure integrity and confidentiality via TLS and XML payload security, while also addressing issues of known-plaintext and replay attacks. Join the discussion on resolved and potentially resolved clarifications.
XKMS Requirements Update
Frederick Hirsch, Mike Just
April 23, 2002
• Goals
• Requirements Summary
  • General, Security
• Last Call Issues
  • For Discussion
  • (Potentially) Resolved
  • Clarifications

Goals
• Support XML security key management
  • Register, revoke, and update key bindings
  • Locate public keys
  • Validate key bindings
• Enable simple diverse clients by eliminating traditional client processing complexity

General Requirements
• Universal, usable, extensible:
  • XML with namespaces
  • SOAP with document literal encoding
  • Server (PKI) technology optionally transparent to client
  • Response values XML-schema typed
  • Policy via URI
  • Convey context with messages

Security Requirements
• Trust services must support integrity and confidentiality via TLS and XML payload security. Mechanisms such as VPN are also allowed.
• Responses must include request digest, URL
• Registration authorization mechanisms
• Proof of key possession
• Specification must address issues of known-plaintext attacks and replay attacks.