Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
XKMS
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{Short description|Cryptographic protocol}} {{multiple| {{no footnotes|date=September 2017}} {{primary sources|date=September 2017}} }} '''XML Key Management Specification''' ('''XKMS''') uses the [[web service]]s framework to make it easier for developers to secure inter-application communication using [[public key infrastructure]] (PKI). [[XML]] Key Management Specification is a protocol developed by [[W3C]] which describes the distribution and registration of public keys. Services can access an XKMS compliant [[Server (computing)|server]] in order to receive updated key information for [[encryption]] and authentication. == Architecture == XKMS consists of two parts: ;X-KISS: XML Key Information Service Specification ;X-KRSS: XML Key Registration Service Specification The X-KRSS defines the protocols needed to register public key information. X-KRSS can generate the key material, making key recovery easier than when created manually. The X-KISS outlines the syntax that applications should use to delegate some or all of the tasks needed to process the key information element of an XML signature to a trust service. In both cases the goal of XKMS is to allow all the complexity of traditional PKI implementations to be offloaded from the client to an external service. While this approach was originally suggested by Diffie and Hellman in their New Directions paper this was generally considered impractical at the time leading to commercial development focusing on the certificate based approach proposed by [[Loren Kohnfelder]]. == Development history == The team that developed the original XKMS proposal submitted to the W3C included [[Warwick Ford]], [[Phillip Hallam-Baker]] (editor) and [[Brian LaMacchia]]. The architectural approach is closely related to the MIT PGP Key server originally created and maintained by Brian LaMacchia. The realization in XML is closely related to [[Security Assertion Markup Language|SAML]], the first edition of which was also edited by Hallam-Baker. At the time XKMS was proposed no security infrastructure was defined for the then entirely new [[SOAP]] protocol for Web Services. As a result, a large part of the XKMS specification is concerned with the definition of security 'bindings' for specific Web Services protocols. == See also == * [[XML Signature]] and [[XML Encryption]], two other W3C standards used by the XKMS protocol. ==External links== *[http://sqldata.com/XKMS.htm XKMS at SQLData] *[http://www.w3.org/TR/xkms2/ XKMS at the W3C] *[https://web.archive.org/web/20060215002044/http://www.entrust.com/standards/xkms.htm XKMS at Entrust] *[https://web.archive.org/web/20070211062202/http://markupsecurity.com/info/xkms/index.html XKMS at Markup Security] [[Category:Cryptographic protocols]] [[Category:Computer network security]] [[Category:Cryptography standards]] [[Category:XML-based standards]]
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)
Pages transcluded onto the current version of this page
(
help
)
:
Template:Multiple
(
edit
)
Template:Short description
(
edit
)