Security Requirements
- Trust services must support integrity and confidentiality via TLS and
XML payload security. Mechanism such as VPN also allowed.
- Responses must include request digest, URL
- Registration authorization mechanisms
- Proof of key possession
- Specification must address issues of known-plaintext attacks and replay
attacks.