Re: Web Crypto WG and XKMS

On 2011-11-02 09:17, Dan Brickley wrote:
> Hi
> Looking at
> "The goal of this Working Group provide standards around key storage
> and cryptographic primitives that will provide capabilities that are
> currently difficult to do safely on the Web platform. "
> (+1 on the new name btw)
> How does this relate to the earlier XKMS work?
> e.g.
> Abstract: "This document specifies protocols for distributing and
> registering public keys, suitable for use in conjunction with the W3C
> Recommendations for XML Signature [XML-SIG] and XML Encryption
> [XML-Enc]. The XML Key Management Specification (XKMS) comprises two
> parts — the XML Key Information Service Specification (X-KISS) and the
> XML Key Registration Service Specification (X-KRSS)."
> It seems the latter emphasises protocols (and hence leans more towards
> SOAP/WSDL than APIs), while the former emphasises in-browser APIs, but
> they share a concern for key storage and management?
> Are there any pieces of work that can be shared across these use cases?

It does Key provisioning and management.

In spite of being built on XML and XML-SIG it is entirely different
to XKMS because XKMS is a client-to-server scheme while SKS/KeyGen2
is primarily a server-to-client system the same way as HTML5's <keygen>.

I guess SKS/KeyGen2 is dismissed since it is not a "standard" or an SDO
work item, but given the ill fate of XKMS I'm not too concerned about that :-)

It is in this context also worth mentioning:


> cheers,
> Dan

Received on Wednesday, 2 November 2011 17:52:37 UTC