W3C home > Mailing lists > Public > www-xkms@w3.org > December 2002

ssl usage

From: <Frederick.Hirsch@nokia.com>
Date: Thu, 5 Dec 2002 11:22:01 -0500
Message-ID: <E320A8529CF07E4C967ECC2F380B0CF901067F7D@bsebe001.americas.nokia.com>
To: <www-xkms@w3c.org>

Is it possible to use XKMS to manage SSL client certificate validation? If so I have a question
about the UseKeyWith Identifier semantics.

Upon registration, I assume I would

- not specify KeyUsage (since it really isn't for signing or encryption per se)
- and would not know how to use UseKeyWith because the SSL UseKeyWith Application assumes
a server side identifier.

I would like to limit the client certificate to SSL only. How can I do this? 
(I realize that this is not a ds:KeyInfo application, but am thinking how an XKMS server 
would be beneficial beyond XML security applications)

regards, Frederick
 
Frederick Hirsch
Nokia Mobile Phones
Received on Thursday, 5 December 2002 11:22:38 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:39:18 GMT