W3C home > Mailing lists > Public > public-identity@w3.org > November 2011

Re: Web Crypto WG and XKMS

From: Harry Halpin <hhalpin@w3.org>
Date: Fri, 11 Nov 2011 11:27:48 +0100
Message-ID: <4EBCF8A4.7000409@w3.org>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
CC: Dan Brickley <danbri@danbri.org>, "public-identity@w3.org" <public-identity@w3.org>, Rigo Wenning <rigo@w3.org>
On 11/02/2011 09:28 AM, Stephen Farrell wrote:
> XKMS was an angle bracket adjunct to PKI devoted to protocols as you note. There has been little or no adoption.
>
> I'd say this WG could be inspired by some of that work, or not, as they choose, and it'll be fine.

I think to the extent this WG *may* go after formats, it will do in 
liason with the IETF JOSE WG, i.e. using JSON-based formats. For all 
sorts of relatively obvious reasons, this being a Javascript API [1].

That's in the charter already.

[1] http://trac.tools.ietf.org/wg/jose/
> Stephen (former XKMS co-chair)
>
> On 2 Nov 2011, at 08:17, Dan Brickley<danbri@danbri.org>  wrote:
>
>> Hi
>> Looking at http://www.w3.org/wiki/IdentityCharter#Web_Cryptography_Working_Group_Charter
>> "The goal of this Working Group provide standards around key storage
>> and cryptographic primitives that will provide capabilities that are
>> currently difficult to do safely on the Web platform. "
>>
>> (+1 on the new name btw)
>>
>> How does this relate to the earlier XKMS work?
>> http://www.w3.org/standards/techs/xkms#w3c_all
>>
>> e.g. http://www.w3.org/TR/2005/REC-xkms2-20050628/
>> Abstract: "This document specifies protocols for distributing and
>> registering public keys, suitable for use in conjunction with the W3C
>> Recommendations for XML Signature [XML-SIG] and XML Encryption
>> [XML-Enc]. The XML Key Management Specification (XKMS) comprises two
>> parts — the XML Key Information Service Specification (X-KISS) and the
>> XML Key Registration Service Specification (X-KRSS)."
>>
>> It seems the latter emphasises protocols (and hence leans more towards
>> SOAP/WSDL than APIs), while the former emphasises in-browser APIs, but
>> they share a concern for key storage and management?
>>
>> Are there any pieces of work that can be shared across these use cases?
>>
>> cheers,
>>
>> Dan
>>
Received on Friday, 11 November 2011 10:27:53 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 11 November 2011 10:27:53 GMT