Registration of Key Generated Key Pair from Wahaj on 2003-12-16 (www-xkms@w3.org from December 2003)

From: Wahaj <wahaj.khan@ascertia.com>
Date: Tue, 16 Dec 2003 11:26:38 +0500
To: <www-xkms@w3.org>
Message-ID: <01df01c3c39d$97cb9810$0600a8c0@ascertia.com.pk>

Hi All,

I have a confusion in an Example in the draft version submitted on 26th August 2003. In the section 6.1.1 (Registration of Client-Generate Key Pair) a register request is shown having Authentication and Proof of Possession elements.

Q) Question is how Authentication element is created ?
1) Is this created by signing the PrototypeKeyBinding with a Key generated in a fashion specified in Appendix C i.e. [d6][cc][34]....[2c][92]?
2) In 7.1.3 section, it refers to a previous established key. Is this key same as referred in Appendix C ?
3) As KeyBindingAuthentication and NotBoundAuthentication are both optional, how will some one authenticate a user if NotBoundAuthentication is not present ?
4) In 7.1.5 <NotBoundAuthentication> Value element is the plain limited use shared secret data. I think in our example that is "024837"?

Regards,
Wahaj

Received on Tuesday, 16 December 2003 01:20:20 UTC