Re: (FYI) World Wide Web Consortium Issues XML Key Management System (XKMS) 2.0 as a W3C Recommendation

Well done folks!

Thanks to all who helped out on this, not least Jose and,
before him, Joseph Reagle for their constant support.

Stephen.

Jose Kahan wrote:

> Congratulations folks!
> 
> Here's a copy of the Press Release that was sent a couple of minutes
> ago:
> 
> http://lists.w3.org/Archives/Public/w3c-news/2005AprJun/0005.html
> 
> That is the link for the official announcement.
> 
> -jose
> 
> ----------------------
> 
> News Release: World Wide Web Consortium Issues XML Key Management System
> (XKMS) 2.0 as a W3C Recommendation
> 
> Today, W3C announces the completion of its latest Security Component,
> the XML Key Management System 2.0. XKMS 2.0 brings public key
> infrastructure to the W3C Security Framework, and makes PKI more
> manageable Web applications, including Web Services. For more
> information, please contact Janet Daly, W3C Global Communications
> Officer, at +1 617 253 5884 or <janet@w3.org>
> 
> ===================================================
> 
> World Wide Web Consortium Issues XML Key Management System (XKMS) 2.0 as
> a W3C Recommendation
> 
> XKMS 2.0 Adds Public Key Management to Web Applications, Web Services
> 
> Web Resources:
> 
> XML Key Management System 2.0 (2 components)
>    http://www.w3.org/TR/xkms2/
>    http://www.w3.org/TR/xkms2-bindings/
> 
> This press release
>    in English: http://www.w3.org/2005/06/xkms-pressrelease.html.en
>    in French: http://www.w3.org/2005/06/xkms-pressrelease.html.fr
>    in Japanese: http://www.w3.org/2005/06/xkms-pressrelease.html.ja
> 
> Testimonials from DataPower, Oracle Corporation and XMLSec Inc.
>    http://www.w3.org/2005/06/xkms-testimonial
> 
> 
> Contact Americas, Australia --
> Janet Daly, <janet@w3.org>, +1.617.253.5884 or +1.617.253.2613
> Contact Europe, Africa and the Middle East-
> Marie-Claire Forgue, <mcf@w3.org>, +33.492.38.75.94
> Contact Asia --
> Yasuyuki Hirakawa <chibao@w3.org>, +81.466.49.1170
> 
> ________________________________________
> 
> http://www.w3.org/ -- 28 June 2005 -- W3C has approved the XML Key
> Management System 2.0 (XKMS 2.0, XKMS 2.0 Bindings) as a W3C
> Recommendation. XKMS 2.0 is part of the W3C XML Security Framework,
> which includes the XML Signature, XML Encryption, and Canonical XML
> Recommendations. XKMS, a cornerstone of Web applications security, adds
> public key management to the W3C XML Security Framework.
> 
> Key Management is Essential for Web Services Security
> 
> Web applications and services security rely on interoperable components
> that make it possible to sign, seal, encrypt, and exchange electronic
> documents. All of these functions rely on management and processing of
> public keys. Before XKMS, these services lacked openly specified,
> non-proprietary interfaces (APIs). Today, XKMS offers an open,
> standards-based interface to key management services that has already
> demonstrated its utility in distributed enterprise security applications.
> 
> XKMS 2.0 Makes PKI Work Better between Enterprises
> 
> XKMS 2.0 makes public key infrastructure (PKI) practical to implement in
> Web applications, including Web services. Standards-based key management
> enables one to communicate identity across applications and systems,
> including in Web services applications operating across different trust
> boundaries.
> 
> Traditionally, the common PKI operations (public key certificate
> management, localization, parsing, and validation operations) are
> difficult to integrate into existing applications because they add
> overhead and must be hard-coded for a given PKI. XKMS 2.0 improves PKI
> deployment by delegating those operations to a server by means of low
> overhead protocols. At the same time, it is open enough to be used with
> any public certificate format, chosen by developers to meet application
> requirements.
> 
> XKMS 2.0 Streamlines Enterprise-Level Applications
> 
> In real world scenarios, XKMS 2.0 systems streamline enterprise-level
> applications. All decisions as to the type of public key certificate
> format, revocation, and so on can be handled directly at the server and
> transparently to the applications themselves. This will not only help
> third parties provide PKI operations in an interoperable way, it will
> also allow companies to install their own XKMS 2.0 servers for
> applications pertaining to local intranets. Furthermore, enterprises
> running XKMS 2.0 servers can handle key exchange and management at the
> server level, rather than at the client level, which makes for a single
> point of coordination, rather than requiring clients within an
> enterprise to be aware of each other.
> 
> Security Experts, Industry Leaders Drive XKMS 2.0 Development
> 
> XKMS 2.0 was developed by the W3C XML Key Management Working Group, and
> included W3C Members DataPower, Microsoft, Nokia, Oracle, Sun
> Microsystems, VeriSign and webMethods, along with invited experts
> co-chairs Stephen Farrell and Shivaram Mysore, Guillermo Alvaro Rey,
> Berin Lautenbach, Tommy Lindberg, Roland Lockhart and Yunhao Zhang. For
> more information on implementation and support of the new
> Recommendation, please review the XKMS 2.0 testimonials.
> 
> About the World Wide Web Consortium [W3C]
> 
> The W3C was created to lead the Web to its full potential by developing
> common protocols that promote its evolution and ensure its
> interoperability. It is an international industry consortium jointly run
> by the MIT Computer Science and Artificial Intelligence Laboratory (MIT
> CSAIL) in the USA, the European Research Consortium for Informatics and
> Mathematics (ERCIM) headquartered in France and Keio University in
> Japan. Services provided by the Consortium include: a repository of
> information about the World Wide Web for developers and users, and
> various prototype and sample applications to demonstrate use of new
> technology. To date, nearly 400 organizations are Members of the
> Consortium. For more information see http://www.w3.org/
> 
> Testimonials
> 
> Testimonials for XKMS 2.0 Recommendation
> These testimonials are in support of W3C issuance of XKMS 2.0 as a W3C
> Recommendation.
> 
> DataPower | Oracle Corporation | XMLsec Inc.
> 
> DataPower'sXS40 XML Security Gateway has long supported XKMS since early
> 2003. Asthe most widely deployed XML Web services security gateway among
> theGlobal 1000 and large government agencies, our extensive experience
> hasdemonstrated that XML Web services are a highly effective way to
> offerapplication security as a service to achieve 'separation of
> concerns'best practices and reduce the complexity of Web services
> security. Inthis way, XKMS 2.0 aims to improve PKI deployments and
> simplifyapplication security by moving digital-signature handling and
> encryptionout of the applications themselves and provide PKI as an
> easy-to-useservice instead.
> -- Rich Salz, Chief Security Architect, DataPower
> 
> XKMS provides PKI integration capabilities that will facilitate and
> accelerate the adoption of Web services. Oracle was pleased to provide a
> reference implementation for the XKMS 2.0 specification; we look forward
> to supporting the specification in Oracle Application Server as XKMS
> gains widespread deployment.
> -- Donald Deutsch, Vice President, Standards Strategy and Architecture,
> Oracle Corporation
> 
> In 2002, the W3C's release of the XML Signature and XML Encryption
> Recommendations led the way in making it much easier, thanks to XML, to
> integrate cryptography into applications. However, until now,
> application developers still had to use challenging, non-XML protocols
> for the key management aspects of cryptography. Now thanks to the W3C
> XML Key Management Specification (XKMS) Version 2.0 Recommendation which
> defines straight-forward XML messages and protocols for key management,
> the last major hurdle to fully enabling XML-based data security has been
> removed. As a past participant of the W3C XKMS working group, XMLsec
> congratulates the W3C on its release of the XKMS 2.0 Recommendation.
> -- Ed Simon, President and CEO, XMLsec Inc.
> 
> ------------------

Received on Tuesday, 28 June 2005 15:58:06 UTC