New schema support and new features

This is a quick note to announce support for the new schema
in my XKMS implementation.

The currently deployed version also includes the following
new features:

1) Support for RetrievalMethod in XKISS.

Currently this is for the http method alone and only for raw
X509 certificates. Transforms, if present, are ignored.

In order to facilitate testing I have put up the following certs at


As an example, the following markup will dereference Alice's cert

    URI="" />

2) On the fly X509CRL generation if RespondWith so indicates.

3) Preliminary support for PGP artefacts.

All the keyholders in the (now out of date and soon to be updated) sample 
message bundle have PGP key pairs of which the public key part and the
key ID can be retrieved through XKISS.

As regards XKRSS, Registration and Reissuance will produce PGP public keys
and key id's if this is indicated in UseKeyWith. 

PGPData can also be used in KeyInfo to carry the verification key for any
signed XKMS request.


Received on Friday, 19 November 2004 22:56:15 UTC