- From: Jose Kahan <jose.kahan@w3.org>
- Date: Tue, 28 Jun 2005 16:47:55 +0200
- To: www-xkms@w3.org
- Message-ID: <20050628144755.GA18836@rakahanga.inrialpes.fr>
Congratulations folks! Here's a copy of the Press Release that was sent a couple of minutes ago: http://lists.w3.org/Archives/Public/w3c-news/2005AprJun/0005.html That is the link for the official announcement. -jose ---------------------- News Release: World Wide Web Consortium Issues XML Key Management System (XKMS) 2.0 as a W3C Recommendation Today, W3C announces the completion of its latest Security Component, the XML Key Management System 2.0. XKMS 2.0 brings public key infrastructure to the W3C Security Framework, and makes PKI more manageable Web applications, including Web Services. For more information, please contact Janet Daly, W3C Global Communications Officer, at +1 617 253 5884 or <janet@w3.org> =================================================== World Wide Web Consortium Issues XML Key Management System (XKMS) 2.0 as a W3C Recommendation XKMS 2.0 Adds Public Key Management to Web Applications, Web Services Web Resources: XML Key Management System 2.0 (2 components) http://www.w3.org/TR/xkms2/ http://www.w3.org/TR/xkms2-bindings/ This press release in English: http://www.w3.org/2005/06/xkms-pressrelease.html.en in French: http://www.w3.org/2005/06/xkms-pressrelease.html.fr in Japanese: http://www.w3.org/2005/06/xkms-pressrelease.html.ja Testimonials from DataPower, Oracle Corporation and XMLSec Inc. http://www.w3.org/2005/06/xkms-testimonial Contact Americas, Australia -- Janet Daly, <janet@w3.org>, +1.617.253.5884 or +1.617.253.2613 Contact Europe, Africa and the Middle East- Marie-Claire Forgue, <mcf@w3.org>, +33.492.38.75.94 Contact Asia -- Yasuyuki Hirakawa <chibao@w3.org>, +81.466.49.1170 ________________________________________ http://www.w3.org/ -- 28 June 2005 -- W3C has approved the XML Key Management System 2.0 (XKMS 2.0, XKMS 2.0 Bindings) as a W3C Recommendation. XKMS 2.0 is part of the W3C XML Security Framework, which includes the XML Signature, XML Encryption, and Canonical XML Recommendations. XKMS, a cornerstone of Web applications security, adds public key management to the W3C XML Security Framework. Key Management is Essential for Web Services Security Web applications and services security rely on interoperable components that make it possible to sign, seal, encrypt, and exchange electronic documents. All of these functions rely on management and processing of public keys. Before XKMS, these services lacked openly specified, non-proprietary interfaces (APIs). Today, XKMS offers an open, standards-based interface to key management services that has already demonstrated its utility in distributed enterprise security applications. XKMS 2.0 Makes PKI Work Better between Enterprises XKMS 2.0 makes public key infrastructure (PKI) practical to implement in Web applications, including Web services. Standards-based key management enables one to communicate identity across applications and systems, including in Web services applications operating across different trust boundaries. Traditionally, the common PKI operations (public key certificate management, localization, parsing, and validation operations) are difficult to integrate into existing applications because they add overhead and must be hard-coded for a given PKI. XKMS 2.0 improves PKI deployment by delegating those operations to a server by means of low overhead protocols. At the same time, it is open enough to be used with any public certificate format, chosen by developers to meet application requirements. XKMS 2.0 Streamlines Enterprise-Level Applications In real world scenarios, XKMS 2.0 systems streamline enterprise-level applications. All decisions as to the type of public key certificate format, revocation, and so on can be handled directly at the server and transparently to the applications themselves. This will not only help third parties provide PKI operations in an interoperable way, it will also allow companies to install their own XKMS 2.0 servers for applications pertaining to local intranets. Furthermore, enterprises running XKMS 2.0 servers can handle key exchange and management at the server level, rather than at the client level, which makes for a single point of coordination, rather than requiring clients within an enterprise to be aware of each other. Security Experts, Industry Leaders Drive XKMS 2.0 Development XKMS 2.0 was developed by the W3C XML Key Management Working Group, and included W3C Members DataPower, Microsoft, Nokia, Oracle, Sun Microsystems, VeriSign and webMethods, along with invited experts co-chairs Stephen Farrell and Shivaram Mysore, Guillermo Alvaro Rey, Berin Lautenbach, Tommy Lindberg, Roland Lockhart and Yunhao Zhang. For more information on implementation and support of the new Recommendation, please review the XKMS 2.0 testimonials. About the World Wide Web Consortium [W3C] The W3C was created to lead the Web to its full potential by developing common protocols that promote its evolution and ensure its interoperability. It is an international industry consortium jointly run by the MIT Computer Science and Artificial Intelligence Laboratory (MIT CSAIL) in the USA, the European Research Consortium for Informatics and Mathematics (ERCIM) headquartered in France and Keio University in Japan. Services provided by the Consortium include: a repository of information about the World Wide Web for developers and users, and various prototype and sample applications to demonstrate use of new technology. To date, nearly 400 organizations are Members of the Consortium. For more information see http://www.w3.org/ Testimonials Testimonials for XKMS 2.0 Recommendation These testimonials are in support of W3C issuance of XKMS 2.0 as a W3C Recommendation. DataPower | Oracle Corporation | XMLsec Inc. DataPower'sXS40 XML Security Gateway has long supported XKMS since early 2003. Asthe most widely deployed XML Web services security gateway among theGlobal 1000 and large government agencies, our extensive experience hasdemonstrated that XML Web services are a highly effective way to offerapplication security as a service to achieve 'separation of concerns'best practices and reduce the complexity of Web services security. Inthis way, XKMS 2.0 aims to improve PKI deployments and simplifyapplication security by moving digital-signature handling and encryptionout of the applications themselves and provide PKI as an easy-to-useservice instead. -- Rich Salz, Chief Security Architect, DataPower XKMS provides PKI integration capabilities that will facilitate and accelerate the adoption of Web services. Oracle was pleased to provide a reference implementation for the XKMS 2.0 specification; we look forward to supporting the specification in Oracle Application Server as XKMS gains widespread deployment. -- Donald Deutsch, Vice President, Standards Strategy and Architecture, Oracle Corporation In 2002, the W3C's release of the XML Signature and XML Encryption Recommendations led the way in making it much easier, thanks to XML, to integrate cryptography into applications. However, until now, application developers still had to use challenging, non-XML protocols for the key management aspects of cryptography. Now thanks to the W3C XML Key Management Specification (XKMS) Version 2.0 Recommendation which defines straight-forward XML messages and protocols for key management, the last major hurdle to fully enabling XML-based data security has been removed. As a past participant of the W3C XKMS working group, XMLsec congratulates the W3C on its release of the XKMS 2.0 Recommendation. -- Ed Simon, President and CEO, XMLsec Inc. ------------------
Received on Tuesday, 28 June 2005 14:48:02 UTC