- From: Guillermo Álvaro Rey <alvarorg@cs.tcd.ie>
- Date: Fri, 03 Dec 2004 18:09:40 +0000
- To: www-xkms@w3.org
- Message-Id: <1102097380.23961.288.camel@lamb.dsg.cs.tcd.ie>
Hi all, While designing tests for the test collection we couldn't agree on if the following test (or something similar) should be included or not: (Similar to XKRSS-T2 but with shared secrets equivalent to "secret") A client wishes to register five keys generated by the XKMS server (Key Names: TestKey[1-5]). He sends registration requests to the XKMS service provider using the following shared secrets: "SECRET", "sec ret", " sEC r E t ", "SeCrE t" and "s ECr ET ", for key binding authentication. The shared secrets associated to the keys in the service side will be the same used by the client, without an explicit order as all of them will transform to "secret". The processing mode is synchronous, and the keys are to be used with an email address. The XKMS server returns an RSA key pair with encrypted private key for every registration operation. The resulting set of messages will consist of ten messages: five Register request/response pairs. The idea would be to check if the string conversion rules included in the "use of limited-use shared secret data" section would guarantee interoperability. On the other hand, Tommy suggested that this kind of test is not an interoperability issue as the execution of the algorithm involves only one entity. Does anyone have an opinion on this? :) Cheers, - -Guillermo
Received on Friday, 3 December 2004 18:09:45 UTC