W3C home > Mailing lists > Public > www-xkms@w3.org > May 2002

Re: XKMS Requirements Last Call: Comments - closed

From: Frederick Hirsch <hirsch@fjhirsch.com>
Date: Thu, 09 May 2002 23:34:32 -0400
Message-ID: <3CDB3FC8.1040600@fjhirsch.com>
To: Shivaram.Mysore@Sun.COM
CC: www-xkms@w3.org

Thank you for your comments on the XKMS requirements at


These issues are addressed in the May 7, 2002 Editors copy of the XKMS 
requirements ( http://www.w3.org/2001/XKMS/Drafts/xkms-req.html ):

== 1.  Status of the Document -
these changes were fixed in a an earlier editors draft revision.
== 2.  Introduction and Terminology
o  I paragraph - replace " and" with "," in the following =="management
	requirements of XML Encryption [XML Encryption] and XML ==Digital
	Signature [XMLDSIG]"
	+ remove word "to" after the above phrase.
	(basically slight reword sentence due to usage of >1 =="and")

revised wording to be
"In particular, it is a goal of XML key management to support the public 
key management requirements of XML Encryption [XML Encryption], XML 
Digital Signature [XMLDSIG] and to be consistent with the Security 
Assertion Markup Language [SAML]."

I believe the second "to" is correct: it is a goal to support ... and to 
be ...

o  Asynchronous exchange -
	- possibly reword the sentence starting with "For ==example .."
	(it is not sounding good to me)

reworded sentence
"When client registration requires time consuming checks it is more 
practical for a client to return at a later time for a completed 
response, for example."

o  Key Name
	Rephrase 2nd Sentence - 3 instances of word "key".  I ==believe,
	the last 2 usages of key could be confusing to someone.

modified wording (in editors draft, not yet on web)
"The Key Name property is not required and when associated with a key in 
registration is not required to be a unique identifier for that key."
o  Payload Security
	replace "an" with "a"
kept "an XML digital signature" since XML is treated like it begins with 
"ex" in this case.

o  Proof of Possession (PoP)
	My suggested reword:
	Performing an action with a private key to demonstrate
	possession of it. An example is to create a signature ==using a
	registered private signing key, to prove possession of ==it.

"Performing an action with a private key to demonstrate possession of 
it. An example is to create a signature using a registered private 
signing key to prove possession of it."
== 3.  2.1 Universality and Usability
Item #12
	Use of word "excessive" - should we qualify this?

reworded, based on discussion at F2F:
"An XKMS server SHOULD be able to pass requests to another XKMS server 
for processing with minimal overhead."

== 4.  2.2 Security Model
Item #2
	replace "be encrypting using" with "use"
	replace "XML encryption" with "XML Encryption"

did not change (apart from capitalization in editors working draft, not 
yet on web).

We believe these issues are now closed, and thank you for your comments.

Frederick and Mike
Frederick Hirsch (hirsch@fjhirsch.com)
Mike Just (mike.just@entrust.com)
Received on Thursday, 9 May 2002 23:23:24 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 23:07:19 UTC