Rich Salz wrote: > >> How about XKMS as a way to allow XML applications to >> more easily integrate with Kerberos? > > You mean like xkms:Register for "get TGT" and xkms:Locate for "get ticket"? Exactly. And perhaps also xkms:Validate for translating a ticket (for me) into a KeyInfo containing the session key & originating principal name (or something like that). Same XML/ASN.1 & KeyInfo/(Ticket/Cert) issues we've handled already. Work needed would be a bit of analysis, some smallish new protocol bits (mainly use of xmlenc to wrap keys I guess), and, the hard bit: sufficient interest! > Seems like a neat hack, we'd like to talk about it. Cool. Anyone else? Stephen.Received on Monday, 4 July 2005 10:25:11 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 20 September 2007 14:31:04 GMT