The following schema defines the MessageAbstractType abstract type:
For example, a client that has no X.509 processing capability might perform a Locate operation to obtain the public key parameters and name information from a <ds:Keyinfo> element that specifies only a certificate. The RespondWith element values in this case would be xkms:KeyName and xkms:KeyValue.
The following schema defines the <RespondWith> element::
The following schema defines the <PendingNotification> element and PendingNotificationType type:
The PendingRequest element is used to request the result of a previously presented request for which the MajorResult code xkms:Pending was returned. The PendingRequest element inherits the element and attributes of AbstractRequestType and the following attribute:
The following schema defines the PendingRequest element and PendingRequestType type:
The ResultAbstractType abstract type is the type from which all XKMS response element types are derived. The ResultAbstractType abstract type inherits the element and attributes of the MessageAbstractType abstract type and in addition contains the following attributes
If the MajorResult value has the value Represent the nonce attribute MUST be present and MUST NOT be the empty string.
Alice wants to send an encrypted email to Bob but does not know his encryption key. Alice can use both the S/MIME and PGP secure email formats. Alice's client uses DNS to locate the XKMS service that provides a Locate service for keys bound to the domain bobcorp.test then sends an XKMS Locate request to the discovered XKMS service for a key bound to bob@bobcorp.test and the S/MIME or PGP protocol. The application then verifies that the certificate obtained meets its trust criteria by standard certificate validation to a trusted root.
Request:
Response: