W3C home > Mailing lists > Public > www-xkms@w3.org > January 2005

Question on Key usages and Attribute Certificate

From: Seung-wook Jung <seung-wook.jung@uni-siegen.de>
Date: Wed, 26 Jan 2005 00:55:37 -1200
Message-ID: <003a01c503a6$55c33c80$3698638d@Bardeen2>
To: <www-xkms@w3.org>

1. Key Usage
The KeyUsage defined in XKMS can be Encryption, Signature, and Exchange. I wonder what criterion is applied to divide the key usages.  

How do you know the signature key will be use for authentication service, specially challenge-response protocol, and non-repudiation, both? How do you sure that any XKMS users will not sign over a hash value of a document, which says you give me 10000$, rather than a random challenge by challenge-response protocol? 

Even though UseKeyWith helps somehow, in my opinion KeyUsage and UseKeyWith seem to be analogy of Key Usage and Extended Key Usage of  RFC 3280 and seem to be independent. Should KeyUsage follow X.509 or RFC 3280 (PKIX) in order to have readers, users, XKMS servers, and trust infrastructures behind XKMS understand clearly? 

2. Attribute Certificate
Is XKMS only for the key certificate? For distributing asserted attributes such as attribute certificate, cannot XKMS be used alone? 

Best Regards, 

S. Jung

Seung-Wook Jung

University of Siegen
- Institute for Data Communications Systems -

Hoelderlinstrasse 3
D-57068 Siegen / Germany
Phone:     +49-271-740-2332
Fax:       +49-271-740-2536
e-mail:    seung-wook.jung@uni-siegen.de
URL:       http://www.dcs.uni-siegen.de

Received on Tuesday, 25 January 2005 16:53:55 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:31:43 UTC