W3C home > Mailing lists > Public > www-xkms-ws@w3.org > November 2001

Re: XKMS requirements - initial draft

From: Rich Salz <rsalz@zolera.com>
Date: Tue, 13 Nov 2001 11:15:14 -0500
Message-ID: <3BF14712.18C54CA@zolera.com>
To: stephen.farrell@baltimore.ie
CC: www-xkms-ws@w3c.org, hirsch@zolera.com, mike.just@entrust.com
Stephen Farrell wrote:
> 5. Relationship to SOAP/XML protocol security. My belief is that xkms
>    will be easier to finish, implement and more efficient if we define,
>    in the xkms specification(s), how xkms transactions are secured, rather
>    than assume that generic XML protocol security mechanisms are used
>    to secure xkms. If we have concensus on this then I think we should
>    call this out specifically, so that the other folks don't get the
>    wrong impression.

I pretty much agree with what you wrote, but I wanted to particularly
mention this.  I'm viewing "XML Protocol Security" as being
transport-like, and not part of the application.  I don't know if that's
the intent, or not.  Regardless, the "soap security" note, is still just
a W3C Note, and the XMLProtocol group (in which I'm active) isn't doing
anything about security yet.

So, I think XKMS messages should have their own optional ds:Signature
element defined in all messages.
	/r$

-- 
Zolera Systems, Your Key to Online Integrity
Securing Web services: XML, SOAP, Dig-sig, Encryption
http://www.zolera.com
Received on Tuesday, 13 November 2001 11:16:10 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 13:51:41 EDT