Re: XKMS requirements - initial draft

Stephen Farrell wrote:
> 5. Relationship to SOAP/XML protocol security. My belief is that xkms
>    will be easier to finish, implement and more efficient if we define,
>    in the xkms specification(s), how xkms transactions are secured, rather
>    than assume that generic XML protocol security mechanisms are used
>    to secure xkms. If we have concensus on this then I think we should
>    call this out specifically, so that the other folks don't get the
>    wrong impression.

I pretty much agree with what you wrote, but I wanted to particularly
mention this.  I'm viewing "XML Protocol Security" as being
transport-like, and not part of the application.  I don't know if that's
the intent, or not.  Regardless, the "soap security" note, is still just
a W3C Note, and the XMLProtocol group (in which I'm active) isn't doing
anything about security yet.

So, I think XKMS messages should have their own optional ds:Signature
element defined in all messages.
	/r$

-- 
Zolera Systems, Your Key to Online Integrity
Securing Web services: XML, SOAP, Dig-sig, Encryption
http://www.zolera.com

Received on Tuesday, 13 November 2001 11:16:10 UTC