W3C home > Mailing lists > Public > www-xkms@w3.org > April 2003

[XKMS Validate Example] Invalid Response for a Validate Request

From: Yasir Khan <Yasir.Khan@Ascertia.Com>
Date: Wed, 30 Apr 2003 18:08:15 +0500
Message-ID: <009401c30f19$b4ef0c30$1000a8c0@ascertia3>
To: "Hallam-Baker, Phillip" <pbaker@verisign.com>
Cc: <www-xkms@w3.org> 
Hi,

I want to point out another mistake in the latest document of XKMS (18 April 2003 ) 

Section 4.2.1 Example: Document Signature 

The XKMS ValidateResponse is not correct according to the ValidateRequest  

The ValidateRequest requires KeyName element to be present in ValidateResult,  the ValidateResult has the ResultMajor = Success but only contains X509Certificate in KeyInfo, according to this example KeyName should be present in KeyInfo for ResultMajor = Success . This shows that ValidateResult is not composed successfully.

[156] Request:
<?xml version="1.0" encoding="utf-8"?>
<ValidateRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
      xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" 
      Id="Ic4d10f0affff49382b021a820613fa71" 
      Service="http://test.xmltrustcenter.org/XKMS" 
      xmlns="http://www.w3.org/2002/03/xkms#">
   <RespondWith>KeyName</RespondWith>
   <QueryKeyBinding>
      <ds:KeyInfo>
         <ds:X509Data>
            <ds:X509Certificate>.....</ds:X509Certificate>
            <ds:X509Certificate>.....</ds:X509Certificate>
         </ds:X509Data>
      </ds:KeyInfo>
      <KeyUsage>Signature</KeyUsage>
      <UseKeyWith Application="urn:ietf:rfc:2633" 
            Identifier="alice@alicecorp.test"/>
   </QueryKeyBinding>
</ValidateRequest>
[157]Response:

<?xml version="1.0" encoding="utf-8"?>
<ValidateResult xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
      xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" 
      Id="Ibc853a2455de4f7433eed5b32ece5918" 
      Service="http://test.xmltrustcenter.org/XKMS" ResultMajor="Success" 
      RequestId="#Ic4d10f0affff49382b021a820613fa71" 
      xmlns="http://www.w3.org/2002/03/xkms#">
  <KeyBinding Id="Ie4d5784ea01e70085de088bd09b6e134">
    <ds:KeyInfo>
      <ds:X509Data>
        <ds:X509Certificate>.....</ds:X509Certificate>
      </ds:X509Data>
    </ds:KeyInfo>
    <KeyUsage>Signature</KeyUsage>
    <KeyUsage>Encryption</KeyUsage>
    <KeyUsage>Exchange</KeyUsage>
    <UseKeyWith Application="urn:ietf:rfc:2633" 
          Identifier="alice@alicecorp.test" />
    <Status StatusValue="Valid">
      <ValidReason>Signature</ValidReason>
      <ValidReason>IssuerTrust</ValidReason>
      <ValidReason>RevocationStatus</ValidReason>
      <ValidReason>ValidityInterval</ValidReason>
    </Status>
  </KeyBinding>
</ValidateResult>
Best Regards,
Yasir Khan
Received on Wednesday, 30 April 2003 09:12:30 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 20 September 2007 14:30:57 GMT