RE: changelog #A1

From: <Just.Mike@tbs-sct.gc.ca>
Date: Thu, 19 Dec 2002 10:31:11 -0500
Message-ID: <21952BAA71703442A7BC34098993B6280C0974@EXCH3.intranet.local>
To: pbaker@verisign.com, www-xkms@w3.org
Hi Phill,
For issues that include a reference to a "policy identifier", I've treated
them as if we were dealing with "UseKeyWith".  Thus, I'll keep issue 30 open
until the UseKeyWith proposal is accepted.  Also, for Issue 98, I assumed
that the example would just be redone with UseKeyWith used to specify the
registration policy. I'll leave this unless you feel that you don't want to
include this feature as part of the example anymore.
Also, below you indicate "55 [is a duplicate of 25]".  I don't see the
overlap here.
-----Original Message-----
From: Hallam-Baker, Phillip [mailto:pbaker@verisign.com]
Sent: December 17, 2002 12:28 PM
To: Www-Xkms (E-mail)
Subject: FW: changelog #A1
All, still editing the spec, but the changes for some of the other issues are
likely to be lengthy so will continue in another message
Changed date to Dec 16th
Issue 98:    Closed
        We decided to remove the policy identifier in favor of UseKeyWith
and so this issue is now redundant
Issue 30:    Close    Policy Identifier removed
OK next changes are complex since so much touches on UseKeyBinding. These
changes address issues 30, 84, 79 and in part 117

Element <UseKeyWith>

The <UseKeyWith> element specifies a subject identifier and application
identifier that determine a use of the key.
In the case of a <KeyBinding> or <UnverifiedKeyBinding> the <UseKeyWith>
element specifies a use of the key. If multiple <UseKeyWith> elements are
present each element specifies a use of the key.
In the case of a <QueryKeyBinding> or <TemplateKeyBinding> the <UseKeyWith>
element specifies an intended use of the key. If multiple <UseKeyWith>
elements are present each element specifies an intended use of the key. 
Application     [Required]
A URI that specifies the application protocol with which the key may be used
Identifier     [Required]
Specifies the subject to which the key corresponds within the specified
application protocol.
<UseKeyWith> application identifiers MAY be used to represent key binding
issuance and/or use policies instead of an application protocol. In this
case the <UseKeyWith> element specifies that the key binding complies with
the specified policy.
In the case that a client follows a referral model in which raw key binding
information is obtained from a Locate service then forwarded to a validate
service the <UseKeyWith> elements in the query should in both cases specify
the uses for which the application intends to use the key. Applications
SHOULD NOT forward <UseKeyWith> elements returned in a Locate result in a
subsequent Validate query.
The following table lists application URIs for common protocols and the
corresponding format for the identifier information:

Application URI

URL identifying SOAP role

URL identifying SOAP role

SMTP email address of subject
RFC822 addr-spec

SMTP email address of subject
RFC822 addr-spec

DNS address of http server
DNS Address

DNS address of mail server
DNS Address

IP address of network resource
IP Address

Certificate Subject Name
X.509 Distinguished Name
The XKMS application URI is used to specify a key binding that is used to
secure an XKMS service. An XKMS service SHOULD support discovery of the
supported security profiles and corresponding key bindings by means of a
Locate operation that specifies the XKMS application URI and the URL of the
service role.
The following table describes the formatting for the specified types of

Identifier Type

RFC822 addr-spec
The addr-spec fragment of an RFC 822 email address as used by SMTP

A Uniform Resource Locator

DNS Address
An Internet DNS address

IP Address
An IPv4 address in decimal notation

An IPv6 address in RFC 2373 notation

X.509 Distinguished Name
C="UK" O="CryptoGuys Ltd." CN="Bob"
An X.509 Distinguished Name
The following schema defines the <UseKeyWith> element:
Issue 96    Removed the sentence Joseph comments on as obsolete.
Issue 108 Done
Issue 119 Done 
Issue 121  Done
Issue 123 Done as per Ed's message 
Issue 124 Done
58 is done except for the organizations for the following:
Eric Brunner-Williams
Jean Pawluk, 
Pradeep Lamsal 
Outstanding (major)
122, 120, 118, 117, 116, 115, 114, 103, 74, 71, 57, 25, 47
Outstanding (last minute)
17, 18,  [final audit]
37, 39, 
55 [is a duplicate of 25]
102 [ none at present but they do seem to keep popping back]
I think are closed - 
36 - we use SOAP throughout except where we mention the XML Protocol working
Received on Thursday, 19 December 2002 10:31:40 UTC
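
The referral rule in the quoted <UseKeyWith> text (the Validate query carries the uses the application intends, not the <UseKeyWith> elements a Locate result returned), as an added Python example that is not part of the original message or of the XKMS specification. The namespace URI, the ValidateRequest element name, the urn:example: application URIs and the sample Locate result are assumptions constructed for illustration.

```python
import copy
import xml.etree.ElementTree as ET

XKMS = "http://www.w3.org/2002/03/xkms#"  # assumed namespace; not given in the message
DS = "http://www.w3.org/2000/09/xmldsig#"
UKW = f"{{{XKMS}}}UseKeyWith"

# Constructed Locate result; the application URIs are placeholders, not real XKMS URIs.
LOCATE_RESULT = f"""
<LocateResult xmlns="{XKMS}" xmlns:ds="{DS}">
  <UnverifiedKeyBinding Id="kb-1">
    <ds:KeyInfo><ds:KeyName>bob-key</ds:KeyName></ds:KeyInfo>
    <UseKeyWith Application="urn:example:app:smime" Identifier="bob@example.com"/>
    <UseKeyWith Application="urn:example:app:tls" Identifier="www.example.com"/>
  </UnverifiedKeyBinding>
</LocateResult>"""


def uses(binding):
    """Return the (Application, Identifier) pairs of a binding's UseKeyWith children."""
    return {(u.get("Application"), u.get("Identifier")) for u in binding.findall(UKW)}


def build_validate_query(located, intended):
    """Build a Validate query from a located binding and the caller's own intended uses."""
    request = ET.Element(f"{{{XKMS}}}ValidateRequest")
    query = ET.SubElement(request, f"{{{XKMS}}}QueryKeyBinding")
    for child in located:
        if child.tag != UKW:  # keep the raw key information, drop the returned UseKeyWith
            query.append(copy.deepcopy(child))
    for app, ident in sorted(intended):
        ET.SubElement(query, UKW, Application=app, Identifier=ident)
    return request


def covers(binding, intended):
    """True only if every intended use appears among the binding's UseKeyWith uses."""
    return set(intended) <= uses(binding)


located = ET.fromstring(LOCATE_RESULT).find(f"{{{XKMS}}}UnverifiedKeyBinding")
INTENDED = {("urn:example:app:smime", "bob@example.com")}  # what this application needs
request = build_validate_query(located, INTENDED)
query = request.find(f"{{{XKMS}}}QueryKeyBinding")

if __name__ == "__main__":
    print(ET.tostring(request, encoding="unicode"))
```

The `covers` check is an added client-side step: it treats each <UseKeyWith> in a binding as one stated use and accepts the binding only when the application's intended use is among them.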