Re: Examples of using xkms...

Stephen,

The Environmental Information Exchange Network  (EIEN)
(http://exchangenetwork.net) of the United States is in a process of
deploying a live XKMS 2.0 services. It will go live in a couple of months. I
don't know if this counts for a real example or not.

BACKGROUND

The Exchange Network is a web service network that links information systems
in the state governments and federal government agencies, and allows
automated and secure data exchanges between Network Node (the service
endpoint). The project started about 3 years ago, currently there are 32
states participating in live data exchanges, many more are in the
development and testing stage. The goal is to have all 50 states to join the
Exchange Network. It is perhaps the largest web service network in the US.

XKMS 2.0 USAGE

The Exchange Network has a centralized security service - Network
Authentication and Authorization Services (NAAS), the idea is to have a live
XKMS service and move toward public key authentication with signed
authentication messages, at least between Network Nodes:

1. Users generate a pair of keys and register them in the central XKMS
service (there is an approval process, off course).
2. Users construct an Authenticate message and sign the message using a
registered key, the KeyInfo element will contain a unique key name.
3. When an authentication message is received, NAAS will validate the key
through the XKMS XKISS, and verify the signature. The user is considered
authenticated if both the key and authentication message are valid.

Regards,

Yunhao





----- Original Message ----- 
From: "Stephen Farrell" <stephen.farrell@cs.tcd.ie>
To: "Www-Xkms (E-mail)" <www-xkms@w3.org>
Sent: Tuesday, February 22, 2005 12:17 PM
Subject: Examples of using xkms...


>
>
> Folks,
>
> During today's call, Jose spoke about the implementation report
> that has to be produced. The more that it convinces people that
> xkms can be implemented, and is usable, the better.
>
> We've lots of evidence that it can be implemented.
>
> However, we could do with some more examples of where xkms is
> being used. So if you're offering a "live" service or know of
> one, and would be willing to contribute a little text on that
> for the implementation report, please let us (Jose, Shivaram
> and I) know,
>
> Thanks,
> Stephen.
>
>
>

Received on Saturday, 26 February 2005 15:26:52 UTC