- From: Jose Kahan <jose.kahan@w3.org>
- Date: Fri, 3 Dec 2004 18:05:44 +0100
- To: www-xkms@w3.org
- Message-ID: <20041203170544.GA4549@inrialpes.fr>
XKMS Locate and Validate can be used to extract the public-key component found in a certificate. The goal is to remove the burden of certificate parsing from applications by delegating it to an XKMS server. I was wondering why XKMS doesn't convert between different certificates. For example, suppose that I have an X509 certificate pubkey certificate and a PGP signed message with the correspondent private key. If I am using a PGP tool to verify the signature, I could use XKMS to extract the pubkey from the X509 certificate, but then I'd need to do some kind of hack in order to use this key with my PGP tool, like converting it to a PGP pubkey certificate or adding hooks to the place where it uses the pubkey. If XKMS were to convert the X509 certificate into a PGP one, I wouldn't need to hack my tool. Maybe I'm missing something or maybe it's not possible to convert between certificates because they have not the same semantics or some issue related to the signing of the certificate. I was just wondering how feasible it could be to integrate XKMS with off-the-shelf applications. -jose
Received on Friday, 3 December 2004 17:06:23 UTC