- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Mon, 28 Feb 2005 13:11:25 +0000
- To: Yunhao Zhang <yzhang@sqldata.com>
- Cc: "Www-Xkms (E-mail)" <www-xkms@w3.org>
Yunhao, That's *exactly* the right type of thing! Thanks, (and good luck with the project), Stephen. Yunhao Zhang wrote: > Stephen, > > The Environmental Information Exchange Network (EIEN) > (http://exchangenetwork.net) of the United States is in a process of > deploying a live XKMS 2.0 services. It will go live in a couple of months. I > don't know if this counts for a real example or not. > > BACKGROUND > > The Exchange Network is a web service network that links information systems > in the state governments and federal government agencies, and allows > automated and secure data exchanges between Network Node (the service > endpoint). The project started about 3 years ago, currently there are 32 > states participating in live data exchanges, many more are in the > development and testing stage. The goal is to have all 50 states to join the > Exchange Network. It is perhaps the largest web service network in the US. > > XKMS 2.0 USAGE > > The Exchange Network has a centralized security service - Network > Authentication and Authorization Services (NAAS), the idea is to have a live > XKMS service and move toward public key authentication with signed > authentication messages, at least between Network Nodes: > > 1. Users generate a pair of keys and register them in the central XKMS > service (there is an approval process, off course). > 2. Users construct an Authenticate message and sign the message using a > registered key, the KeyInfo element will contain a unique key name. > 3. When an authentication message is received, NAAS will validate the key > through the XKMS XKISS, and verify the signature. The user is considered > authenticated if both the key and authentication message are valid. > > Regards, > > Yunhao > > > > > > ----- Original Message ----- > From: "Stephen Farrell" <stephen.farrell@cs.tcd.ie> > To: "Www-Xkms (E-mail)" <www-xkms@w3.org> > Sent: Tuesday, February 22, 2005 12:17 PM > Subject: Examples of using xkms... > > > >> >>Folks, >> >>During today's call, Jose spoke about the implementation report >>that has to be produced. The more that it convinces people that >>xkms can be implemented, and is usable, the better. >> >>We've lots of evidence that it can be implemented. >> >>However, we could do with some more examples of where xkms is >>being used. So if you're offering a "live" service or know of >>one, and would be willing to contribute a little text on that >>for the implementation report, please let us (Jose, Shivaram >>and I) know, >> >>Thanks, >>Stephen. >> >> >> > > > > >
Received on Monday, 28 February 2005 13:10:23 UTC