Re: Proposed Final Charter and Activity Proposal from Joseph Reagle on 2001-08-31 (www-xkms-ws@w3.org from August 2001)

From: Joseph Reagle <reagle@w3.org>
Date: Fri, 31 Aug 2001 14:46:46 -0400
To: Mary_Ellen_Zurko@iris.com
Cc: www-xkms-ws@w3.org
Message-Id: <20010831184646.9ECC287664@policy.w3.org>

On Wednesday 29 August 2001 15:58, Mary_Ellen_Zurko@iris.com wrote:
> "XKMS implementations must be able to interoperate in a useful and secure
> fashion for all tiers of services".

I've added "These features, and their specification, must be able to 
interoperate in a secure fashion. to requirement 3.

> As a specific example, I'm concerned that there seems to be
> no way to guard against replay detection when interoperating between
> different implementations. 

A reply in what sense? My understanding is that  XKMS defines the grammar and 
syntax for exchanging keys and their metadata. I assume the integrity and 
authenticity of that information (like a key query) would be covered by 
XMLDSIG and SAML?

Received on Friday, 31 August 2001 14:46:47 UTC