- From: Seung-wook Jung <seung-wook.jung@uni-siegen.de>
- Date: Wed, 26 Jan 2005 00:55:37 -1200
- To: <www-xkms@w3.org>
Dears, 1. Key Usage The KeyUsage defined in XKMS can be Encryption, Signature, and Exchange. I wonder what criterion is applied to divide the key usages. How do you know the signature key will be use for authentication service, specially challenge-response protocol, and non-repudiation, both? How do you sure that any XKMS users will not sign over a hash value of a document, which says you give me 10000$, rather than a random challenge by challenge-response protocol? Even though UseKeyWith helps somehow, in my opinion KeyUsage and UseKeyWith seem to be analogy of Key Usage and Extended Key Usage of RFC 3280 and seem to be independent. Should KeyUsage follow X.509 or RFC 3280 (PKIX) in order to have readers, users, XKMS servers, and trust infrastructures behind XKMS understand clearly? 2. Attribute Certificate Is XKMS only for the key certificate? For distributing asserted attributes such as attribute certificate, cannot XKMS be used alone? Best Regards, S. Jung ========================================================== Seung-Wook Jung University of Siegen - Institute for Data Communications Systems - Hoelderlinstrasse 3 D-57068 Siegen / Germany Phone: +49-271-740-2332 Fax: +49-271-740-2536 e-mail: seung-wook.jung@uni-siegen.de URL: http://www.dcs.uni-siegen.de ============================================================
Received on Tuesday, 25 January 2005 16:53:55 UTC