Comments on XKMS20021017 from Joseph Reagle on 2002-11-22 (www-xkms@w3.org from November 2002)

From: Joseph Reagle <reagle@w3.org>
Date: Fri, 22 Nov 2002 17:55:15 -0500
To: pbaker@verisign.com
Cc: <www-xkms@w3.org>
Message-Id: <200211221754.12553.reagle@w3.org>
http://www.w3.org/2001/XKMS/Drafts/XKMS20021017/xkms-part-1.html
W3C Editors Copy 17th October 2002

   [9]This document specifies protocols for distributing and registering
   public keys, suitable for use in conjunction with the proposed
   standard for XML Signatures [XML-SIG] developed by the World Wide Web
   Consortium (W3C) and the Internet Engineering Task Force (IETF) and an
   anticipated companion standard for XML encryption.

jmr: We can probably stop "anticipating" xenc <smile/>.

   [40]An XKMS service MUST NOT return the MajorResult code xkms:Pending
   unless the ResponseMechanism value xkms:Asynchronous was specified in
   the corresponding request.

jmr: This double negative is a little difficult to parse. How about, "An 
XKMS service can only return the MajorResult code xkms:Pending when the 
ResponseMechanism value xkms:Asynchronous was specified in the 
corresponding request." Though we lose our capital key words there... The 
prose and keywords on this part our a little awkward since we are 
essentially describing XKMS's state protocol. Perhaps we should use a table 
to indicate what sort of responses can be sent for a given request?

   [42]XKMS Clients
     * MUST support synchronous processing of X-KISS requests
     * MUST support synchronous processing of X-KRSS requests
     * MUST support synchronous processing of compound XKMS requests
     * MAY support asynchronous processing of X-KISS requests
     * SHOULD support asynchronous processing of X-KRSS requests
     * SHOULD support asynchronous processing of compound XKMS requests

   [43]XKMS services
     * MUST support synchronous processing of X-KISS requests
     * SHOULD support synchronous processing of X-KRSS requests
     * MAY support synchronous processing of compound XKMS requests
     * MAY support asynchronous processing of X-KISS requests
     * SHOULD support asynchronous processing of X-KRSS requests
     * SHOULD support asynchronous processing of compound XKMS requests

jmr: I'm glad we're being explicit on this point, though it demonstrates 
quite a large cross-product of optionality that might be challanging during 
interop...  Also, there's no difference between (X-KISS + X-KRSS) requests 
and (XKMS requests)? Perhaps we should say "support asynchronous processing 
of compound XKMS (X-KISS and X-KRSS) requests".

   [57]If asynchronous processing is performed on the individual inner
   requests each inner request for which an asynchronous response is to
   be accepted specifies the ResponseMechanism value xkms:Asynchronous.
   If the service decides to return an asynchronous response to an inner
   request a compound response is returned with an outer ResultMajor code
   of xkms:Success and and inner ResultMajor code of xkms:Pending for the
   requests for which an asynchronous response is to be issued. A service
   MAY return synchronous and asynchronous responses in a single compound
   response.

jrm: Paragraphs [56-58] are critical to understanding the compound request 
processing and I non-prose (an example, or protocol state) might be helpful 
for comprehension? I've read this a few times and don't feel confident I 
understand it yet.

   [82]The PendingRequest element is used to request the result of a
   previously presented request for which the MajorResult code
   xkms:Pending was returned. The PendingRequest element inherits the
   element and attributes of AbstractRequestType and the following
   attribute:

jmr: The PendingRequest is only sent to the service from the client, after 
the service indicated a change in its state right? Why not just have the 
service send the info? And if not, can the client "bug" the service with a 
PendingRequest after a time-out, or can it only send it after some 
notification? Also, I'm not sure how this relates to the text of 4.3 in 
part II... Are they completely orthogonal, restatements, or complementary.?

   [86] Security Consideration: Care must be taken when signing responses
   to ensure that the service does not provide a signing oracle, that is
   sign a messages whose content is guessable by an attacker.
   Implementations MUST ensure that response messages contain a
   sufficient quantity of unpredictable data such as a pseudo-randomly
   chosen Id attribute. For more information see the section Security
   Considerations.

jmr: We should include a definition or reference for "signing oracle." I 
looked on the Web but didn't find anything very good.

   [107]Request:

jmr: This example needs QName tweeking.


   [119]The Locate and Validate operations are both used to obtain
   information about a public key from an XKMS Service. Locate and
   Validate services are both expected to attempt to provide correct
   information to the requestor. The Locate and Validate services differ
   in the extent to which the XKMS Service verifies the information
   returned. A Location service SHOULD attempt to provide only
   information which is trustworthy to the best of its knowledge. A
   Validation service undertakes to only return information which has
   been positively validated by the XKMS Service as meeting its
   validation criteria.

jmr: Might as well tie this is to the concept of the policy?
s/validation criteria/validation criteria under its optinally specified 
Policy URI/

   [123]In many cases the key information which a client requires is
   bound to some form of address specified by an Internet protocol part
   of which consists of a DNS address. For example an email client may
   require a trustworthy key to send an encrypted email to
   bob@cryptographer.test. Unless an XKMS service which provides key
   information about keys bound to email addresses in the domain
   cryptographer.test is known a priori some means of locating the
   correct XKMS service is required.

jmr: Examples using the *.test and trustcenter domains should be changed to 
example.com . (Unless the IETF/IANA have defined the test top level 
domain?)

   [132]The KeyBindingAbstractType is the abstract type from which all
   XKMS Key Binding element specifiers are derived. It contains the
   following elements and attribute:

   <PolicyIdentifier> [Any Number]
          Identifies the policy under which the Key Binding was issued.
          If multiple Policy Identifiers are specified the Key Binding
          MUST be compliant with all of them.

jrm: I want to confirm that we decided we want multiple 
<PolicyIdentifier>'s? One isn't enough? (And if you have multiple semantics 
in play, you can create a single URI to represent their cross product?)

B.1 Domain Name Service (DNS)

   [330]The provision of an XKMS service that provides information on key
   information bound to DNS addresses in a specified DNS zone MAY be
   advertised by means of the DNS SRV record [RFC 2782]. An SRV record
   contains the following data fields:

jmr: Do we consider a SRV records an optional feature? Without 
implementation/interop, we can't be confident we've gotten the 
specification correctly, particulary given how few registrations there are. 
Also, if folks plan to implement this (and consequently want it to stay in 
the main spec) what processes should we take to register it? Does Don have 
this action item? (I recommend removing this section to a seperate draft if 
the IETF.)
Received on Friday, 22 November 2002 17:55:19 UTC