Proposed XKRSS Test Cases

The proposed test cases below test basic registration services, following a format similar to the current test suite.


T100: Register Client Generated Key

Alice wishes to register an RSA key pair bound to alice@example.com. She generates an RSA key pair and sends a registration request to the XKMS service provider using a shared secret, "secret", for key binding authentication. The processing mode is synchronous, and the X.509 distinguished name is "C=US;O=Alice Corp;CN=Alice Aardvark". The response message indicates a successful key binding and there is an X.509 certificate in the key binding.

T101: Register Service Generated Key

In this scenario, Bob wishes to register a key generated by the XKMS server. He sends a registration request to the XKMS service provider using a shared secret, "secret", for key binding authentication. The processing mode is synchronous, and the keys are to be used with his email address bob@example.com. The XKMS server returns an RSA key pair with an encrypted private key.

T102: Reissue

Alice wishes to get a new X.509 certificate. She sends a Reissue request to the XKMS service. The old X.509 certificate is included in the KeyBinding element as proof of the previous key binding. The shared secret is "secret", and the processing mode is synchronous. The XKMS server returns a new certificate with a new validity interval in the response message, and the status of the key binding is valid.

T103: Recover

Bob wishes to recover his private key which he has forgotten. The XKMS administrator issues him a new authorization code "secret1" for the key recovery operation. He sends key recovery requests to the XKMS with an indeterminate key binding to his public key. The processing mode is asynchronous. Bob then sends a GetStatus message and the status result is success. Finally, he issues a Pending request to retrieve the encrypted private key.

T104: Revoke

Bob wishes to revoke a compromised key binding. The key was registered with a revocation pass phrase "Help I Have Revealed My Key". The processing mode is synchronous. The revocation result is successful and the result key binding is invalid.

Regards,

Yunhao

Received on Thursday, 7 October 2004 00:07:01 UTC