NOTE-xkms2-req-20030505 43.6 KB
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
       "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <title>XML Key Management (XKMS 2.0) Requirements</title>
  <link rel="stylesheet" type="text/css"
  href="http://www.w3.org/StyleSheets/TR/W3C-NOTE.css" />
</head>

<body text="black" bgcolor="white">

<div class="head">
<a href="http://www.w3.org/"><img src="http://www.w3.org/Icons/w3c_home"
alt="W3C" height="48" width="72" /></a>

<h1><a href="http://www.w3.org/2001/XKMS/">XML Key Management</a> (XKMS 2.0)
Requirements</h1>

<h2>W3C Note 05 May 2003</h2>
<dl>
  <dt>This version:</dt>
    <dd><a
      href="http://www.w3.org/TR/2003/NOTE-xkms2-req-20030505">http://www.w3.org/TR/2003/NOTE-xkms2-req-20030505</a></dd>
  <dt>Latest version:</dt>
    <dd><a
      href="http://www.w3.org/TR/xkms2-req">http://www.w3.org/TR/xkms2-req</a></dd>
  <dt>Previous version:</dt>
    <dd><a
      href="http://www.w3.org/TR/2002/WD-xkms2-req-20020318">http://www.w3.org/TR/2002/WD-xkms2-req-20020318</a></dd>
  <dt>Editors:</dt>
    <dd>Frederick Hirsch, Nokia, &lt;<a
      href="mailto:frederick.hirsch@nokia.com">frederick.hirsch@nokia.com</a>&gt;</dd>
    <dd>Mike Just, Treasury Board of Canada Secretariat (TBS), &lt;<a
      href="mailto:just.mike@tbs-sct.gc.ca">just.mike@tbs-sct.gc.ca</a>&gt;</dd>
</dl>

<p class="copyright"><a
href="http://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a>
© 2003 <a href="http://www.w3.org/"><abbr
title="World Wide Web Consortium">W3C</abbr></a><sup>®</sup> (<a
href="http://www.lcs.mit.edu/"><abbr
title="Massachusetts Institute of Technology">MIT</abbr></a>, <a
href="http://www.ercim.org/"><abbr
title="European Research Consortium for Informatics and Mathematics">ERCIM</abbr></a>,
<a href="http://www.keio.ac.jp/">Keio</a>), All Rights Reserved. W3C <a
href="http://www.w3.org/Consortium/Legal/ipr-notice#Legal_Disclaimer">liability</a>,
<a
href="http://www.w3.org/Consortium/Legal/ipr-notice#W3C_Trademarks">trademark</a>,
<a href="http://www.w3.org/Consortium/Legal/copyright-documents">document
use</a> and <a
href="http://www.w3.org/Consortium/Legal/copyright-software">software
licensing</a> rules apply.</p>
<hr title="Separator from Header" />
</div>

<div>
<h2 class="abstract">Abstract</h2>
This document lists the design principles, scope and requirements for XML Key
Management specifications and trust server key management implementations. It
includes requirements as they relate to the key management syntax,
processing, security and coordination with other standards activities.

<div class="status">
<h2 class="abstract">Status of this Document</h2>
This is the XML Encryption Requirements Note from the <a
href="http://www.w3.org/2001/XKMS/">XKMS</a> (<a
href="http://www.w3.org/2001/XKMS/Activity.html">Activity Statement</a>).
This version represents the consensus of the Working Group since <em>March
2002</em> on the requirements for the <a
href="http://www.w3.org/TR/xkms2/">XML Key Management Specification</a> .It
has also underwent minor changes resulting from the <a
href="http://www.w3.org/Encryption/2001/11/last-call-issues.html">Last Call
(issues)</a> ending on <em>May 23 2003</em>. The Working Group has no plans
to update the content of this document; it serves to document the agreed upon
set of requirements the specification will address.

<div class="">
<p>This document is a NOTE made available by the W3C for archival purposes.
Publication of this Note by W3C indicates no endorsement by W3C or the W3C
Team, or any W3C Members. A list of current W3C technical reports and
publications, including Recommendations, Working Drafts, and Notes can be
found at <a href="http://www.w3.org/TR/">http://www.w3.org/TR/</a>.</p>

<p>Please send comments to the editors &lt;<a
href="mailto:frederick.hirsch@nokia.com">frederick.hirsch@nokia.com</a>&gt;
and &lt;<a
href="mailto:just.mike@tbs-sct.gc.ca">just.mike@tbs-sct.gc.ca</a>&gt;, and
cc: the working group mailing list <a
href="mailto:www-xkms@w3.org">www-xkms@w3.org</a> (public <a
href="http://lists.w3.org/Archives/Public/www-xkms/">archive</a>).</p>

<p>A list of current W3C working drafts can be found at <a
href="http://www.w3.org/TR/">http://www.w3.org/TR/</a>.</p>

<p>Patent disclosures relevant to this specification may be found on the
Working Group's <a href="http://www.w3.org/2001/XKMS/Disclosures.html">patent
disclosure page</a> in conformance with W3C policy.</p>
</div>
</div>
</div>
<hr />

<h2 id="sec-ToC" class="table-of-contents">Table of Contents</h2>
<ol class="table-of-contents">
  <li><a href="#sec-Intro">Introduction and Terminology</a></li>
  <li><a href="#sec-Requirements">Requirements</a></li>
  <li style="list-style: none"><ol class="table-of-contents">
      <li><a href="#sec-general-design">Universality and Usability</a></li>
      <li><a href="#sec-security-model">Security Model</a></li>
      <li><a href="#sec-Server">Trust Server</a></li>
      <li><a href="#sec-protocol-design">Protocol Capabilities and
      Format</a></li>
      <li><a href="#sec-Objects">Objects and Processing</a></li>
    </ol>
  </li>
  <li><a href="#sec-scope">Out of Scope</a></li>
  <li><a href="#sec-Coordination">Coordination</a></li>
  <li><a href="#sec-IPR">Intellectual Property</a></li>
  <li><a href="#sec-References">References</a></li>
</ol>
<hr />

<h2><a name="sec-Intro" id="sec-Intro"></a>1 Introduction and Terminology</h2>
XML-based public key management should be designed to meet two general goals.
The first is to support a simple client's ability to make use of
sophisticated key management functionality. This simple client is not
concerned with the details of the infrastructure required to support the
public key management but may choose to work with X.509 certificates if able
to manage the details <i>.</i> The second goal is to provide public key
management support to XML applications that is consistent with the XML [<a
href="#ref-XML">XML</a>] architectural approach. In particular, it is a goal
of XML key management to support the public key management requirements of
XML Encryption [<a href="#ref-xml-encryption">XML Encryption</a>], XML
Digital Signature [<a href="#ref-xml-dsig">XMLDSIG</a>] and to be consistent
with the Security Assertion Markup Language [<a href="#ref-saml">SAML</a>].
This specification provides requirements for XML key management consistent
with these goals, including requirements on the XML key management
specification, server implementations and the protocol messages.

<p>XML key management services will primarily be of interest to clients that
intend to communicate using XML-based protocols bound to SOAP. It may be that
such clients will not have sufficient ASN.1 capabilities in which case the
benefits of offloading the parsing of certificates and other traditional PKI
structures (e.g. CRLs or OCSP responses) is clear. Clients which possess such
capabilities and have no preference to work with XML-based protocols may opt
to use non-XML-based protocols defined by PKIX, for example.</p>

<p>The following terms and phrases are used throughout the remainder of this
draft.</p>
<dl>
  <dt>4-Corner Model</dt>
    <dd>A processing and/or trust environment where each end-entity interacts
      with a single trusted point of contact, and each such contact has a
      peerwise trust relationship with all other contacts[<a
      href="#ref-4-corner">4-corner model</a>].</dd>
  <dt>Asynchronous exchange</dt>
    <dd>An exchange where the synchronous service response is incomplete,
      requiring the client to perform a subsequent request at some later
      time. When client registration requires time consuming checks it is
      more practical for a client to return at a later time for a completed
      response, for example. For XML Key Management all requests producing
      asynchronous results MUST produce a synchronous response status
      indicating an incomplete response, such as "Pending", for example. Such
      responses might also provide a URL for the client to check back to
      obtain the complete response at a later time.</dd>
  <dt>Client</dt>
    <dd>An application that makes requests of a service. The concept of a
      "client" is relative to a service request; an application may have the
      role of client for some request and service for others.</dd>
  <dt>Deferred Request Authentication</dt>
    <dd>A mechanism to allow a client to verify that the server processed the
      correct request. The client may verify the server response, for
      example, by comparing the elements returned in the response, or
      comparing a digest of the request with a digest returned in a secured
      response. This ensures that an attacker has not diverted or otherwise
      changed portions of a request. For example, a client request might be
      directed to a particular URI so that a specific policy will be enforced
      as part of the service processing the request. Inclusion of the URI in
      the response ensures that the expected server policy was followed and
      that the request was conveyed correctly.</dd>
  <dt>Key</dt>
    <dd>An input parameter that varies the transformation performed by a
      cryptographic algorithm [<a href="#ref-rfc-2828">RFC2828</a>]. For the
      purpose of XML key management we specifically mean public keys and
      private keys as used in a public key cryptosystem.</dd>
  <dt>Key Management</dt>
    <dd>Key management relates to the management of a public key's validity
      status over its lifetime. Typically, operations are defined for
      controlling the validity (e.g. register, revoke) and querying the
      validity.</dd>
  <dt>Key Binding</dt>
    <dd>A property associating additional information with a public key. This
      might be used to convey status and validity period information for key
      validity queries or used to convey private key information as part of a
      registration request or response.</dd>
  <dt>Key Location</dt>
    <dd>A service that locates and returns a public key given identifying
      information for the key. Generally the request will include a KeyInfo
      element containing information sufficient for the service to locate the
      key. A common example is to provide the key name.</dd>
  <dt>Key Name</dt>
    <dd>A property defined in the XML Digital Signature recommendation,
      allowing a name to be associated with a key within a &lt;ds:KeyInfo&gt;
      element. The Key Name property is not required and when associated with
      a key in registration is not required to be a unique identifier for
      that key.</dd>
  <dt>Key Validation</dt>
    <dd>A service that verifies the binding of information to a public key
      and also determines the current status of that binding, if appropriate
      or possible for the information in question. For example, key
      validation [<a href="#ref-rfc-2828">SECGL</a>] may be performed based
      on elements secured to a public key in an X.509 certificate as outlined
      in PKIX [<a href="#ref-rfc-2459">RFC 2459</a>].</dd>
  <dt>Pass Phrase Key</dt>
    <dd>A key derived from a pass phrase may be used for authentication in
      circumstances where public key based authentication is not
    possible.</dd>
  <dt>Payload Security</dt>
    <dd>The XKMS request or response XML obtains integrity and/or
      confidentiality by being signed using an XML digital signature and/or
      encrypted using XML Encryption. The signature itself may be placed in
      the SOAP header when using a SOAP binding, for example. This is in
      contrast to transport integrity, where a SOAP message containing the
      XKMS payload is secured using TLS or other transport security
      mechanisms.</dd>
  <dt>Proof of Possession (POP)</dt>
    <dd>Performing an action with a private key to demonstrate possession of
      it. An example is to create a signature using a registered private
      signing key to prove possession of it.</dd>
  <dt>Service</dt>
    <dd>An application that provides computational or informational resources
      on request. A service may be provided by several physical servers
      operating as a unit.</dd>
  <dt>TLS</dt>
    <dd>Transport Layer Security, a protocol layer designed to provide
      message integrity and confidentiality for a message during transit
      between two endpoints. An earlier version is known as SSL, the Secure
      Socket Layer [<a href="#ref-tls">TLS</a>].</dd>
  <dt>Trust Service</dt>
    <dd>A service that is capable of registering public keys and/or providing
      key information services, including key validation and location.</dd>
  <dt>Web Service</dt>
    <dd>A service that is accessible by means of messages sent using standard
      web protocols, notations and naming conventions, including XML Protocol
      (or until XML protocol is standardized, SOAP). Web service may also
      imply the use of ancillary mechanisms, such as WSDL <a
      href="#ref-wsdl">[WSDL</a> ] and UDDI [ <a href="#ref-uddi">UDDI</a> ]
      for defining Web services interfaces.</dd>
</dl>

<p>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document
are to be interpreted as described in RFC 2119. [<a href="#ref-rfc-2119">RFC
2119</a>].</p>

<h2><a name="sec-Requirements" id="sec-Requirements"></a>2 Requirements</h2>
Familiarity with the W3C XKMS Note [<a href="#ref-xkms-note">XKMS Note</a>]
is assumed for this section.

<h3><a name="sec-general-design" id="sec-general-design"></a>2.1 Universality
and Usability</h3>
<ol>
  <li>Request and response messages SHOULD be extensible.</li>
  <li>All messages and data structures MUST be specified in XML using XML
    Schema [<a href="#ref-XML-schema">XMLSchema</a>]. Schema validation is
    not required of applications or trust server implementations. Clients and
    servers are not required to implement a general purpose XML parsing
    capability. Note that common PKIX structures such as X.509 certificate
    and CRL structures may be embedded as binary (base64 encoded) data within
    XML elements as indicated by the KeyInfo definition [ <a
    href="#ref-xml-dsig">XMLDSig</a> ].Applications which expect to process
    X.509 certificates will require ASN.1 and certificate processing
    capabilities.</li>
  <li>Use of optional features is discouraged. Optional features SHOULD be
    justified in the specification.</li>
  <li>The specification MUST provide a binding to XML Protocol (SOAP 1.2),
    provided that the SOAP 1.2 specification has reached Candidate
    Recommendation (CR) status prior to the XKMS WG completing its work. In
    this case the specification SHOULD also provide a binding to SOAP 1.1
    (for interoperability purposes). If SOAP 1.2 has not reached CR status
    then the specification MUST provide a binding to SOAP 1.1. The XKMS
    specification SOAP binding is required to profile SOAP for
    interoperability, including use of document literal encoding. [ <a
    href="#ref-soap">SOAP</a> ] [<a href="#XMLprotocol">XMLProtocol</a>]
    [List( <a
    href="http://lists.w3.org/Archives/Public/www-xkms-ws/2001Nov/0026.html">Blair
    Dillaway</a>)].</li>
  <li>XKMS services MUST implement SOAP 1.2 once that specification has
    achieved Candidate Recommendation status.</li>
  <li>The design MUST be transport protocol agnostic - SOAP content may be
    carried over different transport protocols. [List( <a
    href="http://lists.w3.org/Archives/Public/www-xkms-ws/2001Nov/0026.html">Blair
    Dillaway</a>)]</li>
  <li>The specification MUST ensure the correspondence of responses with
    requests, aiding correlation of asynchronous responses with requests and
    also ensuring that the appropriate request was processed.</li>
  <li>The specification MUST NOT require clients to implement traditional PKI
    processing such as ASN.1, certificate revocation or certificate chain
    processing. Usability and simplicity are paramount to enable clients to
    obtain the benefits of public key technology. {Reuters} [<a
    href="#XKMSPositionPapers">XKMSPositionPapers</a>].</li>
  <li>The specification MUST clearly define the set of responses expected by
    a client for each type of request and clearly define the expected actions
    of a client receiving those responses. For example, responses that apply
    to a validation request will not necessarily apply to a registration
    request.</li>
  <li>Underlying PKI or other trust server mechanisms SHOULD be transparent
    to the client, with exception that credentials such as X.509 certificates
    may be explicitly retrieved. This should leverage the &lt;ds:KeyInfo&gt;
    work. {IAIK position} [<a
    href="#XKMSPositionPapers">XKMSPositionPapers</a>]</li>
  <li>A mechanism for versioning SHOULD be defined. If a good reason exists
    for an approach other than XML Namespaces, it MUST be justified.</li>
  <li>Server support for legacy formats such as PKCS#10 and PKCS#7 SHOULD be
    defined, but their support is OPTIONAL. An example use is in smartcard
    personalization or bulk registration applications.</li>
  <li>An XKMS server SHOULD be able to pass requests to another XKMS server
    for processing with minimal overhead. The definition of server chaining
    and referral messages are out of scope, but such mechanisms SHOULD NOT be
    precluded. An example of meeting this requirement is to provide support
    for a 4 corner application model [<a href="#ref-4-corner">4-corner
    model</a>].</li>
  <li>Use of XML elements with unbounded maxOccurs schema values SHOULD be
    justified in the specification.</li>
</ol>

<h3><a name="sec-security-model" id="sec-security-model"></a>2.2 Security
Model</h3>
[Data Confidentiality and Integrity]<br />
&nbsp;<br />

<ol>
  <li>Every trust service MUST support TLS and payload security. Trust
    services MAY support secure networks such as IPSec for integrity and
    confidentiality. Every client MUST support at least one of these
    mechanisms appropriate for the servers contacted.</li>
  <li>Payload security MUST be based on XML Encryption and XML Signature and
    MAY be usable to secure the body content of SOAP messages. Individual
    elements of XML Key Management protocol messages SHOULD not be encrypted,
    except for the Private element which is a special case (since it
    transports a private key) and MUST be encrypted using XML Encryption.
    Exclusive Canonicalization SHOULD be used as the XML Digital Signature
    canonicalization method.</li>
  <li>The specification MUST define how XML Key Management messages and
    transactions can be secured (for confidentiality and integrity) where
    payload security is not implemented. In particular, the specification
    MUST define how transport layer security such as SSL/TLS is to be used.
    The specification MUST profile TLS, by requiring a subset of the defined
    cipher suites to be supported, for example.</li>
  <li>The security section of the specification MUST recommend that at least
    one form of integrity and confidentiality protection of service requests
    and responses be used by applications, either transport security or
    payload protection.</li>
</ol>

<p>[Transaction Security]</p>
<ol>
  <li value="5">All trust server responses MUST include a digest of the
    request payload and the request URL.</li>
  <li>Techniques for protection against replay attacks MUST be defined in the
    security considerations section. Specific techniques SHOULD be defined,
    such as nonce, origination time, and serial numbers in requests, for
    example.</li>
</ol>

<p>[Trust Service Trust]</p>
<ol>
  <li value="7">Trust services MUST make their public keying information
    (i.e. the public keys to be used to authenticate the trust service)
    publicly available in at least the &lt;ds:KeyValue&gt; format, since that
    is the minimal [<a href="#ref-xml-dsig">XMLDSIG</a>] key
  representation.</li>
  <li>The specification MUST support different means of establishing a trust
    relationship with the trust service, and not be limited to client caching
    of a trusted certificate or trusted key. Other possibilities include key
    establishment using a shared secret, for example.</li>
</ol>

<p>[Authentication]</p>
<ol>
  <li value="9">The specification MUST allow use of user-generated pass
    phrases as a means of authenticating requests in lieu of access to a
    valid private key. binding.</li>
  <li>The specification MUST provide a means of employing a secret, agreed
    out-of-band, between the registration service and end-user as a means of
    authorizing a registration action. [List( <a
    href="http://lists.w3.org/Archives/Public/www-xkms-ws/2001Nov/0026.html">Blair
    Dillaway</a>)]</li>
</ol>

<p>[Privacy]</p>
<ol>
  <li value="11">The specification MUST state in the security section that
    concerns over the privacy of registration information may be addressed
    through server P3P privacy policies. The definition and retrieval
    mechanisms for these policies are defined in the P3P recommendation and
    do not require definition in the XKMS specifications [<a
    href="#ref-p3p">P3P</a>].</li>
</ol>

<p>[Security considerations]</p>
<ol>
  <li value="12">The specification MUST include a discussion of potential
    vulnerabilities and recommended practices when using the defined
    processing model in a larger application context. While it is impossible
    to predict all the ways the specification may be used, the discussion
    MUST alert users to ways in which potentially subtle weaknesses might be
    introduced. At a minimum, security issues arising from known plain-text
    and data length information MUST be addressed.</li>
</ol>

<h3><a name="sec-Server" id="sec-Server"></a>2.3. Trust Server</h3>
<ol>
  <li>A server MAY be deployed that implements a subset of XKMS service
    functionality, such as Locate but not Validate, for example.</li>
  <li>Selection of differently configured trust services SHOULD use standard
    HTTP binding techniques such as URLs, rather than requiring the XKMS
    protocol to define this functionality. For example, a URL may be used to
    define access to a trust service and possibly distinguish the underlying
    technologies (e.g. PGP, X509 etc.).</li>
  <li>The specification MUST define asynchronous registration responses.</li>
  <li>More generally, the specification MUST allow asynchronous transport of
    both registration requests and responses, but not require this of trust
    servers.</li>
</ol>

<h3><a name="sec-protocol-design" id="sec-protocol-design"></a>2.4. Protocol
Capabilities and Formats</h3>
[Registration Capabilities]<br />
&nbsp;<br />

<ol>
  <li>The specification MUST describe how to register key information, and in
    particular, associate additional information with the public key. A
    public key pair may be generated at a client and the public key
    registered with the trust service; a key pair may be generated at the
    trust service and the private key may be delivered to the client.</li>
  <li>The specification MUST describe how to revoke a registered key
  binding.</li>
  <li>The specification MUST describe how to update registered public key
    information. Reasons include the need for atomic transactions and the
    ability to update a portion of a defined key binding.</li>
  <li>The specification MUST describe how to support a user recovering their
    own private key, such as might be needed to restore a lost private
    encryption key. This requirement does not imply any form of key escrow as
    used in the sense of mandated government access to private keys.</li>
  <li>The specification MUST describe how to register more than one public
    key in a single registration request, supporting bulk registration. The
    specification MAY generalize this to define how to perform compound
    requests and obtain compound responses, including both registration and
    information service messages</li>
  <li>The specification MUST describe how to request an update as to the
    status of a multi-key request.</li>
</ol>

<p>[Key Information Service Capabilities]</p>
<ol>
  <li value="7">The specification MUST define a request for retrieving a
    public key, given a &lt;ds:KeyInfo&gt; element containing one or more
    children containing key information. The mechanism of processing KeyInfo
    and obtaining the key is implementation dependent, but a server MUST be
    able to return key information corresponding to a KeyInfo returned in a
    registration response from the same server. Population of the server
    database for responding to service requests (locate and validate) is out
    of scope and implementation specific.</li>
  <li>This specification MUST define a protocol for validating the status of
    a public key and additionally validating the binding between a public key
    and other related information.</li>
  <li>The specification MUST describe how a client can specify or determine
    the context in which a public key binding will be validated {Certicom,
    Microsoft, Sun, Zolera} [<a
    href="#XKMSPositionPapers">XKMSPositionPapers</a>]. Context enables
    4-corner model support for example. As another example, the context may
    include the trust anchors and certificate policies the client wants the
    server to use for validation. [List( <a
    href="http://lists.w3.org/Archives/Public/www-xkms-ws/2001Nov/0052.html">Yassir
    Elley)</a>]</li>
</ol>

<p>[Formats]</p>
<ol>
  <li value="10">The specification MUST define payload and header XML
    formats. XML Protocol bindings may be published as a separate document
    from the specification to avoid dependencies on the XML Protocol
    schedule. XML Bindings other than XML Protocol MAY be defined in the
    specification [List( <a
    href="http://lists.w3.org/Archives/Public/www-xkms-ws/2001Nov/0026.html">Blair
    Dillaway</a>)].</li>
  <li>The specification MUST define how to convey application context in
    requests/responses, e.g. transaction amount, arbitrary XML {Microsoft,
    Sun}</li>
  <li>All formats SHOULD permit application/trust server extension through
    the use of additional elements in another namespace.</li>
  <li>The specification MUST define a unified request/response mechanism
    across services (Locate, Validate etc.), including uniform error
    responses, query and response formats.</li>
  <li>The specification MUST permit opaque data to be associated with a
    request and returned with the corresponding response. Parties that are
    not concerned with opaque data may ignore it.</li>
  <li>The specification MUST define which requests are idempotent (can repeat
    without ill effect) and which are not.</li>
  <li>The specification MUST define a protocol that provides the means to
    match requests and responses.</li>
  <li>A client SHOULD be able to control the number of key bindings in a
    response returned (e.g. specify the maximum to be returned).</li>
  <li>The specification MUST use schema typing and namespace support for the
    &lt;Respond&gt; element in &lt;Locate&gt; and &lt;Validate&gt; responses
    (rather than strings). {Reagle}, [<a
    href="#ref-XKMSWorkshopMinutes">WorkshopMeeting</a>]</li>
  <li>A Validate request MAY also include values to be Located and returned
    in the response.</li>
  <li>The specification MUST allow the server to return a subset or superset
    of the elements requested by the clients. {Reagle} [<a
    href="#ref-XKMSWorkshopMinutes">WorkshopMeeting</a>]. Security
    implications MUST be discussed in the Security Concerns section of the
    specification.</li>
  <li>The specification MUST define unambiguous multi-valued responses,
    removing the ambiguity possible with valid, invalid and indeterminate key
    binding status responses, for example.</li>
</ol>

<h3><a name="sec-Objects" id="sec-Objects"></a>2.5. Objects and
Processing</h3>
<ol>
  <li>The specification SHOULD define how to register a key for specific uses
    and how to update the allowed uses over time. [<a
    href="#XKMSPositionPapers">XKMSPositionPapers</a> ]</li>
  <li>A key registration request MUST be able to specify the appropriate key
    usage of a key.</li>
  <li>Key bindings MUST have issuers associated with them.</li>
  <li>The following KeyInfo formats MUST be supported: KeyName, KeyValue, and
    RetrievalMethod.
    <p>The X509Certificate KeyInfo format MUST be supported by a trust server
    if the service claims interoperability with PKIX X.509. Additional
    KeyInfo formats such as X509Chain, OCSP, and X509CRL MAY be supported.
    X509Chain and OCSP MUST be defined in the XKMS specifications. X509CRL is
    defined in the XML Signature recommendation.</p>
    <p>The XKMS registration Private format MUST be supported if the service
    supports either service generated key pairs or key recovery.[List( <a
    href="http://lists.w3.org/Archives/Public/www-xkms-ws/2001Nov/0023.html">Sebastien
    Pouliot)</a>]</p>
  </li>
  <li>Exclusive Canonicalization [<a
    href="#ref-exclusive">ExclusiveCanonicalization</a>] support is required
    to assure robust XML digital signatures when the context of the XKMS
    content may be changed, such as in the case of intermediate SOAP
    processors altering the SOAP envelope context.</li>
  <li>XML Key Management applications MUST be XML-namespaces [<a
    href="#ref-XML-ns">XML-namespaces</a>] aware.</li>
  <li>XML Key Management applications MUST be XML Schema [<a
    href="#ref-XML-schema">XML-schema</a>] aware in that they create XML Key
    Management instances conforming to the key management schema definitions.
    {Reagle} Schema validation is not required.</li>
  <li>Implementation of the specification SHOULD work with existing XML
    parser and schema implementations. However, alterations to particular DOM
    and/or XML parser implementations may prove beneficial in terms of
    simplifying application development or improving runtime efficiency.
    These details are outside the scope of the XML Key Management
    specification.</li>
  <li>The specification SHOULD be compatible with the use of authentication
    mechanisms carried in SOAP/XML Protocol messages and/or the transport
    protocol.</li>
  <li>The specification MUST describe how to provide proof of possession of
    private keys.</li>
  <li>The KeyInfo returned in a registration response SHOULD be a unique key
    identifier for the responder for subsequent service requests. Subsetting
    this KeyInfo may make this not true. Server implementations may define
    uniqueness properties and relate them to clients - how this is done is
    implementation dependent.</li>
</ol>

<h2><a name="sec-scope" id="sec-scope"></a>3. Out of Scope</h2>

<p>These items are out of scope(at least for the initial specifications
produced by the working group). In some cases an in-scope requirement (e.g.
the ability to use XKMS in the context of the 4 corner model) may imply some
of this functionality, but that does not mean the XKMS specification is
required to define that functionality.</p>
<ol>
  <li>Design of new cryptographic algorithms.</li>
  <li>Issues of non-repudiation, including but not limited to 'technical
    non-repudiation' and 'contractual non-repudiation'.</li>
  <li>Sources of trusted time.</li>
  <li>Models and data structures for establishing inter-domain trust,
    including but not limited to 'cross-certification'.</li>
  <li>Redefining existing PKI structures using an XML syntax, such as
    redefining certificates in XML. Existing PKI structures may be
    encapsulated within XML elements however.</li>
  <li>Specification of inter-domain trust semantics.</li>
  <li>Authorization issues and more specifically authorization assertions
    (e.g. SAML).</li>
  <li>Attribute certificates.</li>
  <li>Knowledge representation syntax.</li>
  <li>Audit management.</li>
  <li>Establishment of trust server key authority delegation [<a
    href="#ref-xtaml">XTAML</a>]. This does not preclude requiring the
    ability to sign/encrypt requests and responses, nor preclude discussion
    of establishing trust with the XKMS Trust server. [List ( <a
    href="http://lists.w3.org/Archives/Public/www-xkms-ws/2001Nov/0017.html">Stephen
    Farrell</a>)]</li>
  <li>The XML Key Management recommendation will not define generic
    mechanisms for securing SOAP or XML Protocol, but rather define a payload
    security mechanism. A goal is to reduce external standards dependencies.
    [List( <a
    href="http://lists.w3.org/Archives/Public/www-xkms-ws/2001Nov/0026.html">Blair
    Dillaway</a>)]</li>
  <li>Issues of anonymous access and service use are not the primary focus of
    the work, but may be supported.</li>
  <li>Private key retrieval services that extend beyond the return of a
    service-generated private key as part of registration (e.g. Roaming).</li>
  <li>Server chaining and referral mechanisms.</li>
  <li>XML Key Management of symmetric keys.</li>
  <li>Caching support.</li>
  <li>The specification is not tailored to but does not preclude support of
    highly constrained devices[List (Yassir Elley)].</li>
  <li>Defining authentication mechanisms.</li>
</ol>

<h2><a name="sec-Coordination" id="sec-Coordination"></a>4 Coordination</h2>

<p>Coordination with other groups is as specified in the Charter [<a
href="#XKMSCharter">Charter</a>].</p>
<ol>
  <li>The Working Group may satisfy the {Payload, Transaction, and
    Authentication} requirements via its own specification or via normative
    reference to other specifications. The Working Group SHOULD avoid
    redundant specification of those features where possible but SHOULD also
    consider the timely completion of its own deliverable, this choice is at
    the Working Group's discretion.</li>
</ol>

<h2><a name="sec-IPR" id="sec-IPR"></a>5 Intellectual Property</h2>
Intellectual property issues are as in the Charter [<a
href="#XKMSCharter">Charter</a>].

<h2><a name="sec-References" id="sec-References"></a>6 References</h2>
<dl>
  <dt><a name="ref-4-corner" id="ref-4-corner"></a>4-Corner Model</dt>
    <dd><a
      href="http://www.w3.org/2001/07/xkms-ws/ashwood-4-corners.pdf">http://www.w3.org/2001/07/xkms-ws/ashwood-4-corners.pdf</a></dd>
  <dt><a name="ref-DOM" id="ref-DOM"></a>DOM</dt>
    <dd>Document Object Model (DOM) Level 3 Core Specification, Version 1.0,
      W3C Working Draft, Arnaud Le Hors.&nbsp; 22 October 2002.</dd>
    <dd><a
      href="http://www.w3.org/TR/DOM-Level-3-Core/core.html">http://www.w3.org/TR/DOM-Level-3-Core/core.html</a></dd>
  <dt><a name="ref-exclusive" id="ref-exclusive"></a>Exclusive
  Canonicalization</dt>
    <dd>Exclusive XML Canonicalization Version 1.0 W3C Recommendation, John
      Boyer,&nbsp; Donald E. Eastlake 3rd,&nbsp; Joseph Reagle18 May 2002</dd>
    <dd><a
      href="http://www.w3.org/Signature/Drafts/xml-exc-c14n.html">http://www.w3.org/TR/2002/REC-xml-exc-c14n-20020718/</a></dd>
  <dt><a name="ref-MIME1" id="ref-MIME1"></a>MIME</dt>
    <dd>RFC2046. MIME Part Two: Media Types November 1996. <br />
      <a
      href="http://www.ietf.org/rfc/rfc2046.txt">http://www.ietf.org/rfc/rfc2046.txt</a></dd>
  <dt><a name="ref-p3p" id="ref-p3p"></a>P3P</dt>
    <dd>The Platform for Privacy Preferences 1.0 (P3P1.0) Specification, W3C
      Recommendation, Lorrie Cranor,Marc Langheinrich, Massimo
      Marchiori,&nbsp; Martin Presler-Marshall,Joseph Reagle, 16 April
      2002<br />
      <a href="http://www.w3.org/TR/P3P/">http://www.w3.org/TR/P3P/</a></dd>
  <dt><a name="ref-rfc-2119" id="ref-rfc-2119"></a>RFC 2119</dt>
    <dd>"Key words for use in RFCs to Indicate Requirement Levels", S.
      Bradner, March 1997, RFC 2119.<br />
      <a
      href="http://www.ietf.org/rfc/rfc2119.txt">http://www.ietf.org/rfc/rfc2119.txt</a></dd>
  <dt><a name="ref-rfc-2459" id="ref-rfc-2459"></a>RFC 2459</dt>
    <dd>"Internet X.509 Public Key Infrastructure Certificate and CRL
      Profile",R. Housley, W. Ford, W. Polk, D. Solo, January 1999, RFC 2459.
      <br />
      <a
      href="http://www.ietf.org/rfc/rfc2459.txt">http://www.ietf.org/rfc/rfc2459.txt</a></dd>
  <dt><a name="ref-rfc-2828" id="ref-rfc-2828"></a>RFC 2828</dt>
    <dd>"Internet Security Glossary", R. Shirey, May 2000, RFC 2828.<br />
      <a
      href="http://www.ietf.org/rfc/rfc2828.txt">http://www.ietf.org/rfc/rfc2828.txt</a></dd>
  <dt><a name="ref-saml" id="ref-saml"></a>SAML</dt>
    <dd>Security Assertion Markup Language (SAML)<a
      href="http://www.oasis-open.org/committees/security/docs/">.<br />
      http://www.oasis-open.org/committees/security/docs/</a></dd>
  <dt><a name="ref-soap" id="ref-soap"></a>SOAP</dt>
    <dd>Simple Object Access Protocol (SOAP) 1.1, W3C Note 08 May 2000. <br />
      <a href="http://www.w3.org/TR/SOAP/">http://www.w3.org/TR/SOAP/</a></dd>
  <dt><a name="ref-soap-schemas" id="ref-soap-schemas"></a>SOAP Schemas</dt>
    <dd><a
      href="http://schemas.xmlsoap.org/soap/encoding/">http://schemas.xmlsoap.org/soap/encoding/</a><br
      />
      <a
      href="http://schemas.xmlsoap.org/soap/envelope/">http://schemas.xmlsoap.org/soap/envelope/</a></dd>
  <dt><a name="ref-tls" id="ref-tls"></a>TLS</dt>
    <dd>The TLS Protocol, Version 1.0, RFC 2246, T. Dierks, C. Allen. <br />
      <a
      href="http://www.ietf.org/rfc/rfc2246.txt">http://www.ietf.org/rfc/rfc2246.txt</a></dd>
  <dt><a name="ref-xkms-activity" id="ref-Activity"></a>XKMS Activity
  Statement</dt>
    <dd><a
      href="http://www.w3.org/2001/XKMS/Activity.html">http://www.w3.org/2001/XKMS/Activity.html</a></dd>
  <dt><a name="refxkmschange" id="refxkmschange"></a>XKMS Change Proposal</dt>
    <dd class="nov7"><a
      href="http://www.xmltrustcenter.org/xkms/docs/xkms_change_proposal.html">http://www.xmltrustcenter.org/xkms/docs/xkms_change_proposal.html</a></dd>
  <dt><a name="XKMSCharter" id="XKMSCharter"></a>XKMS Charter</dt>
    <dd><a
      href="http://www.w3.org/2001/XKMS/2002/11/charter.html">http://www.w3.org/2001/XKMS/2002/11/charter.html</a></dd>
  <dt><a name="ref-xkmsWorkshopMailList"
  id="ref-xkmsWorkshopMailList"></a>XKMS Mailing Lists</dt>
    <dd><a
      href="http://lists.w3.org/Archives/Public/www-xkms-ws/">http://lists.w3.org/Archives/Public/www-xkms-ws/</a></dd>
    <dd><a
      href="http://lists.w3.org/Archives/Public/www-xkms/">http://lists.w3.org/Archives/Public/www-xkms/</a></dd>
  <dt><a name="XKMSProposal" id="XKMSProposal"></a>XKMS-Proposal</dt>
    <dd><a
      href="http://lists.w3.org/Archives/Public/www-xkms-ws/2001Aug/att-0048/02-xkms-activity.html">http://lists.w3.org/Archives/Public/www-xkms-ws/2001Aug/att-0048/02-xkms-activity.html</a></dd>
  <dt><a name="ref-xkms-note" id="ref-xkms-note"></a>XKMS 1.1 W3C Note</dt>
    <dd class="nov7"><a
      href="http://www.w3.org/TR/xkms/">http://www.w3.org/TR/xkms/</a></dd>
  <dt><a name="ref-XKMSWorkshopMinutes" id="ref-XKMSWorkshopMinutes"></a>XKMS
  Workshop Meeting Minutes</dt>
    <dd><a
      href="http://www.w3.org/2001/07/xkms-ws/minutes.html">http://www.w3.org/2001/07/xkms-ws/minutes.html</a></dd>
  <dt><a name="XKMSPositionPapers" id="XKMSPositionPapers"></a>XKMS Workshop
  Position Papers</dt>
    <dd><a
      href="http://www.w3.org/2001/07/xkms-ws/positions/">http://www.w3.org/2001/07/XKMS-Ws/positions/</a></dd>
  <dt><a name="ref-xkmsRequirementsTeleCon"
  id="ref-xkmsRequirementsTeleCon"></a>Meetings</dt>
    <dd><a
      href="http://lists.w3.org/Archives/Public/www-xkms-ws/2001Nov/0028.html">http://lists.w3.org/Archives/Public/www-xkms-ws/2001Nov/0028.html</a></dd>
    <dd><a
      href="http://www.w3.org/2001/XKMS/Minutes/011114-tele.html">http://www.w3.org/2001/XKMS/Minutes/011114-tele.html</a></dd>
    <dd><a
      href="http://www.w3.org/2001/XKMS/Minutes/011209-slc/011209-slc-f2f1.html">http://www.w3.org/2001/XKMS/Minutes/011209-slc/011209-slc-f2f1.html</a></dd>
    <dd><a
      href="http://www.w3.org/2001/XKMS/Minutes/020123-tele.html">http://www.w3.org/2001/XKMS/Minutes/020123-tele.html</a></dd>
  <dt><a name="ref-XML" id="ref-XML"></a>XML</dt>
    <dd>Extensible Markup Language (XML) 1.0 (Second Edition), W3C
      Recommendation, T. Bray, J. Paoli, C. M. Sperberg-McQueen. 6 October
      2000.<br />
      <a
    href="http://www.w3.org/TR/REC-xml">http://www.w3.org/TR/REC-xml</a></dd>
  <dt><a name="ref-XML-C14N" id="ref-XML-C14N"></a>XML-C14N</dt>
    <dd><a href="http://www.w3.org/TR/2001/REC-xml-c14n-20010315">Canonical
      XML.</a> W3C Recommendation. J. Boyer. March 2001.</dd>
    <dd><a
      href="http://www.w3.org/TR/2001/REC-xml-c14n-20010315">http://www.w3.org/TR/2001/REC-xml-c14n-20010315</a></dd>
    <dd><a
      href="http://www.ietf.org/rfc/rfc3076.txt">http://www.ietf.org/rfc/rfc3076.txt</a></dd>
  <dt><a name="ref-xml-dsig" id="ref-xml-dsig"></a>XMLDSIG</dt>
    <dd><a
      href="http://www.w3.org/TR/2001/PR-xmldsig-core-20010820/">XML-Signature
      Syntax and Processing</a>. W3C Recommendation. D. Eastlake, J. Reagle,
      and D. Solo. February 2002. <br />
      <a
      href="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/">http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/</a></dd>
    <dd><a href="http://www.w3.org/TR/xmldsig-requirements">XML Signature
      Requirements</a>. W3C Working Draft. J. Reagle. October 1999.<br />
      <a
      href="http://www.w3.org/TR/1999/WD-xmldsig-requirements-19991014.html">http://www.w3.org/TR/1999/WD-xmldsig-requirements-19991014</a></dd>
  <dt><a name="ref-xml-encryption" id="ref-xml-encryption"></a>XML
  Encryption</dt>
    <dd>XML Encryption Syntax and Processing, W3C Recommendation T. Imamura,
      B. Dillaway, J. Schaad, E. Simon. December 2002. <br />
      <a
      href="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/">http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/</a></dd>
    <dd><a href="http://www.w3.org/TR/xml-encryption-req">XML Encryption
      Requirements</a>. W3C Note J. Reagle. March 2002.<br />
      <a
      href="http://www.w3.org/TR/2002/NOTE-xml-encryption-req-20020304">http://www.w3.org/TR/2002/NOTE-xml-encryption-req-20020304</a></dd>
  <dt><a name="ref-XML-ns" id="ref-XML-ns"></a>XML-ns</dt>
    <dd>Namespaces in XML Recommendation. T. Bray, D. Hollander, A. Layman.
      January 1999.</dd>
    <dd><a
      href="http://www.w3.org/TR/1999/REC-xml-names-19990114/">http://www.w3.org/TR/1999/REC-xml-names-19990114/</a></dd>
  <dt><a name="XMLprotocol" id="XMLprotocol"></a>XML Protocol</dt>
    <dd><a
    href="http://www.w3.org/2002/ws/">http://www.w3.org/2002/ws/</a></dd>
  <dt><a name="ref-XML-schema" id="ref-XML-schema"></a>XML-schema</dt>
    <dd><a href="http://www.w3.org/TR/2001/REC-xmlschema-1-20010502/">XML
      Schema Part 1: Structures</a> W3C Recommendation. D. Beech, M.
      Maloney,N. Mendelsohn, H. Thompson. May 2001.</dd>
    <dd><a
      href="http://www.w3.org/TR/2001/REC-xmlschema-1-20010502/">http://www.w3.org/TR/2001/REC-xmlschema-1-20010502/</a></dd>
    <dd><a href="http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/">XML
      Schema Part 2: Datatypes</a> W3C Recommendation. P. Biron, A. Malhotra.
      May 2001.</dd>
    <dd><a
      href="http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/">http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/</a></dd>
  <dt><a name="ref-uddi" id="ref-uddi"></a>Universal Description, Discovery
  &amp; Integration (UDDI) specifications</dt>
    <dd><a
      href="http://www.uddi.org/specification.html">http://www.uddi.org/specification.html</a></dd>
  <dt><a name="ref-URI111" id="ref-URI111"></a>URI</dt>
    <dd>RFC2396. <i>Uniform Resource Identifiers (URI): Generic Syntax.</i>
      T. Berners-Lee, R. Fielding, L. Masinter. August 1998 <a
      href="http://www.ietf.org/rfc/rfc2396.txt">http://www.ietf.org/rfc/rfc2396.txt</a></dd>
  <dt><a name="ref-wsdl" id="ref-wsdl"></a>Web Services Description Language
  (WSDL)</dt>
    <dd>W3C Note 15 March 2001 <a
      href="http://www.w3.org/TR/wsdl">http://www.w3.org/TR/wsdl</a></dd>
  <dt><a name="ref-xtaml" id="ref-xtaml"></a>XML Trust Axiom Markup Language
  (XTAML)</dt>
    <dd><a
      href="http://www.xmltrustcenter.org/research/xtaml/index.htm">http://www.xmltrustcenter.org/research/xtaml/index.htm</a></dd>
</dl>
</body>
</html>