W3C home > Mailing lists > Public > www-xkms@w3.org > November 2002

Registration requests Authentication

From: Clement Seveillac <cseveillac@montrouge.sema.slb.com>
Date: Mon, 04 Nov 2002 14:35:27 +0100
To: www-xkms@w3.org
Message-id: <5.1.0.14.2.20021104143414.02cc03f8@popper.montrouge.tt.slb.com>
Hello group,

[Note: this mail was first posted to the XKMS Developer mailing-list, but 
did not get any response, maybe because it's more CAs' and clients' 
policies-oriented than development-oriented. We would greatly appreciate 
any insight on these questions!]

My name is Clement Seveillac, and I am working with Philippe Mezger on XKMS 
integration in the card division of SchlumbergerSema. As you probably know, 
SchlumbergerSema, as a smart card vendor, is offering the service of 
producing PKI personalized card (i.e : cards loaded with credentials and 
keys/certificates ). To do so, we always try to implement the most 
appropriate interface with CAs to submit public keys & receive certificates.

The specific concern we have is to find a way to exchange with a high level 
of security keys & certificates as bulk requests, as we usually produce 
from thousands to millions of cards per batch. Since such strong 
authentication features require implementation of crypto calculation on 
dedicated hardware (e.g. HSM, smart card), we need some clarification on 
the registration request authentication features that XKMS offers, and how 
they will be implemented in the real world.

So our question is: what would be the most realistic authentication 
scenario, according to your existing infrastructure and policies?

Considering the latest XKMS v2.0 draft, I see this list of possible 
authentication schemes:

I. Scenarios with an HMAC Signature (that needs an exchange of a shared 
secret) in the KeyBindingAuthentication element

   1/ The CA sends to the client (or the client sends to the CA) a 
clear-text shared secret (maybe in a PGP or S/MIME encrypted e-mail, it has 
no importance)

   2/ The CA sends to the client (or the client sends to the CA) a shared 
secret encrypted with a Key Exchange Key (previously established TripleDES 
key or other type of symmetric key)

   3/ The CA sends to the client (or the client sends to the CA) a shared 
secret encrypted with a one of its partner's public Key

   4/ The CA sends to the client (or the client sends to the CA) a 
clear-text shared secret in several parts using different channels (for 
example using three key components and a key check value, the final key 
being an XOR -- or other algorithm produce -- of the three key components)


II. Scenarios with a RSA (or DSS) Signature in the KeyBindingAuthentication 
element

   1/ The client already has a CA-trusted key pair, and uses it to sign its 
XKMS requests

   2/ The client "securely" sends a RSA public key to the CA (no further 
details are needed here)

   3/ The CA "securely" sends a RSA key pair to the client (no further 
details are needed here)


III. Other scenarios

   1/ XML signature outside the KeyBindingAuthentication (may be useful, 
for example, if we must register 1000 key bindings but we want to make a 
single authentication signature), for example an enveloped Signature of the 
top-level element (RegisterRequest)

     1.a/ with a HMAC Signature (see. I.)
     1.b/ with an asymmetric algorithm Signature (see II.)

   2/ Detached XML signature, but I am neither familiar with SOAP nor with 
WS-Security, could you explain me how it would differ, and maybe be better, 
than an enveloped signature?

   3/ Authentication outside XML and SOAP (for example TLS/SSL, or private 
network...)

Thanks in advance,

Clement Seveillac
Personalization & Test Development Team
SchlumbergerSema 
Received on Monday, 4 November 2002 08:42:04 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:39:18 GMT