- From: arrow <arrow@cscw.buaa.edu.cn>
- Date: Sat, 2 Jun 2001 13:29:40 +0800
- To: "www-xkms-ws@w3.org" <www-xkms-ws@w3.org>
Hello, everyone:

I have some questions.

First: the XKMS Specification says that the clients SHOULD validate the Service Response to protect the Authenticity, Integrity and Correspondence of the Response. The Specification also suggests three methods to ensure these three criteria: XML Signature, Transport layer security (e.g. SSL) and Packet layer security (e.g. IPSec). However, if the client uses XML Signature to achieve these purposes, how can I get the Public Key of the Trust Service? In XML-SIG, the Public Key of the signer can be presented in the element <ds:KeyInfo>, but how can I make sure that the key value presented in the element <ds:KeyValue> is the public key of the service? If the client uses a certificate to authenticate the public key, it means that the client uses the PKI first, then establishes the XKMS, doesn't it? If the client uses SSL or IPSec to achieve these purposes, the client must be based on PKI, because without PKI, SSL and/or IPSec cannot be established. That is to say, to ensure the Authenticity and Integrity of the service response, the client must use PKI to establish a secure channel. If that is true, how can I acknowledge the advantage of XKMS: "By becoming a client of the trust service, the application is relieved of the complexity and syntax of the underlying PKI used to establish trust relationships"?

Second: before the client registers the key pair, it must get a shared secret from the service. But in the XKMS Specification, the shared secret is sometimes presented as "code" and sometimes presented as "pass phrase". One is used for <KeyBindingAuth>, the other one is used for <PassPhrase>. What is the difference between them? Why not use only one shared secret to do it? In the example of Key Recovery, why is the "code" given by the service used for <PassPhrase>?

Arrow Zhang
arrow@cscw.buaa.edu.cn
Received on Monday, 4 June 2001 16:03:17 UTC
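The first question above asks how a client can know that the key presented in <ds:KeyInfo> really belongs to the trust service. As an added example that is not part of this message or of the XKMS specification, the following Python checks the RSA key carried in a response's KeyInfo against a key fingerprint the client holds out of band, and rejects a response whose KeyInfo carries a different key or no key at all. The XML, the key material and the `urn:example:xkms` namespace are all constructed; cryptographic verification of the signature itself is left out, since it only becomes meaningful after this binding check passes.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"  # XML Signature namespace, Clark notation


def key_fingerprint(modulus_b64: str, exponent_b64: str) -> str:
    """SHA-256 over the decoded RSA modulus and exponent, hex-encoded."""
    h = hashlib.sha256()
    h.update(base64.b64decode(modulus_b64))
    h.update(base64.b64decode(exponent_b64))
    return h.hexdigest()


# Constructed trust-service key material, known to the client out of band
# (e.g. shipped with the client software); in practice only the fingerprint is stored.
SERVICE_MODULUS_B64 = base64.b64encode(bytes(range(1, 65))).decode()
SERVICE_EXPONENT_B64 = base64.b64encode(b"\x01\x00\x01").decode()
PINNED_FINGERPRINTS = {key_fingerprint(SERVICE_MODULUS_B64, SERVICE_EXPONENT_B64)}


def keyinfo_fingerprint(response_xml: str):
    """Fingerprint of the RSA key carried in ds:Signature/ds:KeyInfo, or None if absent."""
    root = ET.fromstring(response_xml)
    rsa = root.find(f".//{DS}Signature/{DS}KeyInfo/{DS}KeyValue/{DS}RSAKeyValue")
    if rsa is None:
        return None
    mod, exp = rsa.find(f"{DS}Modulus"), rsa.find(f"{DS}Exponent")
    if mod is None or exp is None or not mod.text or not exp.text:
        return None
    return key_fingerprint(mod.text.strip(), exp.text.strip())


def signer_key_is_service_key(response_xml: str, pinned=PINNED_FINGERPRINTS) -> bool:
    """Accept the KeyInfo key only if it matches a pinned anchor.

    KeyInfo is asserted by whoever built the message, so a valid signature by an
    unpinned key proves nothing about who answered; this check must come first."""
    fp = keyinfo_fingerprint(response_xml)
    return fp is not None and fp in pinned


def build_response(modulus_b64: str, exponent_b64: str) -> str:
    # Constructed, minimal stand-in for a signed XKMS response; SignatureValue omitted.
    return (
        '<LocateResult xmlns="urn:example:xkms"><Answer><KeyBinding/></Answer>'
        '<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">'
        '<ds:KeyInfo><ds:KeyValue><ds:RSAKeyValue>'
        f'<ds:Modulus>{modulus_b64}</ds:Modulus><ds:Exponent>{exponent_b64}</ds:Exponent>'
        '</ds:RSAKeyValue></ds:KeyValue></ds:KeyInfo></ds:Signature></LocateResult>'
    )


GENUINE = build_response(SERVICE_MODULUS_B64, SERVICE_EXPONENT_B64)
SUBSTITUTED = build_response(base64.b64encode(bytes(range(64, 0, -1))).decode(), SERVICE_EXPONENT_B64)
UNSIGNED = '<LocateResult xmlns="urn:example:xkms"><Answer/></LocateResult>'
```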