W3C home > Mailing lists > Public > www-xkms@w3.org > March 2003

FW: Change log 3 - Part II

From: Hallam-Baker, Phillip <pbaker@verisign.com>
Date: Wed, 26 Mar 2003 19:40:38 -0800
Message-ID: <CE541259607DE94CA2A23816FB49F4A311007E@vhqpostal6.verisign.com>
To: "Www-Xkms (E-mail)" <www-xkms@w3.org>
T he updated specs should arrive tommorow, have network issues... 


 <http://lists.w3.org/Archives/Public/www-xkms/2003Feb/0025.html>
[Frederick] http://lists.w3.org/Archives/Public/www-xkms/2003Feb/0025.html
 
[37] DONE
  
Digest Authenticated Request 

If the original request was authenticated by means of an XML Signature with
a message digest as the signing algorithm, the service can still ensure a
strong binding of the response to the original request by means of the
<RequestSignatureValue> element. 
 
[44] DONE
Where the security requirements of the XKRSS protocol differ from those of
XKISS they are addressed by the XKRSS protocol directly rather than relying
upon the message security binding. 

For example the XKRSS registration functions are designed to support use in
modes in which a client registration request is accepted by a Local
Registration Authority and then forwarded to a Master Registration
Authority. In this mode it is essential that the proof of possession of the
private key being registered can be verified by both the Local Registration
Authority and the Master Registration Authority, even though the
authentication for the request sent to the Master Registration Authority is
likely to be provided by the Local Registration Authority, rather than the
original requestor. Similar considerations affect the distribution of
private keys.

[XTAML] 
Put in reference to XTAML which changed name to WS-TrustAxiom yesterday. I
used the new name.
 
[34] Removed line, it is redundant.
 
[64] This paragraph is actually a reference to another so I think it is ok
 
[90] ISSUE
 
 
[Joseph] http://lists.w3.org/Archives/Public/www-xkms/2003Feb/0028.html
<http://lists.w3.org/Archives/Public/www-xkms/2003Feb/0028.html> 
 
[13] DONE
 
[63]DONE
nsertion of an XKMS message into the SOAP message structure must not alter
namespace prefixes, or use of default namespaces, within the XKMS message.
Any change in these encodings will likely break an XML Signature internal to
the XKMS messages due to the use of QNames and namespace prefixes. The
implementer must insure that prefix values used with the SOAP namespaces
<http://www.w3.org/2002/06/soap-envelope>
http://www.w3.org/2002/06/soap-envelope (SOAP 1.2) and
<http://schemas.xmlsoap.org/soap/envelope>
http://schemas.xmlsoap.org/soap/envelope (SOAP 1.1) do not conflict with
prefixes used in the XKMS message.
 
[Section 4]DISCUSS
Not a biggie, but I really would like to discuss it before such a major
change.
 
 
[Shivram]http://lists.w3.org/Archives/Public/www-xkms/2003Mar/0008.html
 
[STOPPRESS]
 
[2]DONE
 
[20] ISSUE
[22] Done 
XML Schema for XKMS 2.0 Last Call Candidate 2003
[25] ISSUE
[64] DONE Not sure what is more readable, tried a colon
[190,318]DISCUSS
 
Part II
 
[1].[2] DONE
 
 
Received on Wednesday, 26 March 2003 22:40:42 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 23:07:23 UTC