[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ekmi] Symmetric Key Response - Phil Hoyer, IETF KeyProv Suggestion
Tomas, it is coming from the ietf namespace. Essentially we are saying that underneath the ekmi:SymkeyResponse root, we can send any elements and the parser will take care or throw errors. Regards, Anil On 04/20/2010 02:46 AM, Tomas Gustavsson wrote: > > Should it be ekmi:KeyContainer etc instead of just KeyContainer? > > Cheers, > Tomas > > > Anil Saldhana wrote: >> Hi all, >> we had agreed to incorporate Phil Hoyer's suggestion for the >> Symmetric Key Response pay load to have extensions to allow non-ekmi >> based systems to send responses back. >> >> The original proposal is here: >> http://wiki.oasis-open.org/ekmi/CommentsReceivedForSKSMLReview >> >> This is how the incorporation will be: >> >> Regular SKSML Response Payload: >> >> ================== >> <ekmi:SymkeyResponse >> xmlns:ekmi='http://docs.oasis-open.org/ekmi/2008/01' >> xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> >> <ekmi:Symkey> >> <ekmi:SymkeyRequestID>10514-1-7476</ekmi:SymkeyRequestID> >> <ekmi:GlobalKeyID>10514-1-235</ekmi:GlobalKeyID> >> <ekmi:KeyUsePolicy> >> <ekmi:KeyUsePolicyID>10514-4</ekmi:KeyUsePolicyID> >> <ekmi:PolicyName>DES-EDE KeyUsePolicy</ekmi:PolicyName> >> <ekmi:KeyClass>HR-Class</ekmi:KeyClass> >> <ekmi:KeyAlgorithm> http://www.w3.org/2001/04/xmlenc#tripledes-cbc >> </ekmi:KeyAlgorithm> >> <ekmi:KeySize>192</ekmi:KeySize> >> <ekmi:Status>Active</ekmi:Status> >> <ekmi:Permissions> >> .... >> </ekmi:Permissions> >> </ekmi:KeyUsePolicy> >> <ekmi:EncryptionMethod >> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" /> >> <xenc:CipherData> >> <xenc:CipherValue> >> .... >> </xenc:CipherData> >> </ekmi:Symkey> >> </ekmi:SymkeyResponse> >> >> ==================== >> >> >> An IETF KeyProv response embedded in the sym key response would look >> as follows: >> ==================== >> <ekmi:SymkeyResponse >> xmlns:ekmi='http://docs.oasis-open.org/ekmi/2008/01' >> xmlns:xenc='http://www.w3.org/2001/04/xmlenc#' >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> >> <KeyContainer Version="1.0" >> xmlns="urn:ietf:params:xml:ns:keyprov:pskc:1.0"> >> <Device> >> <DeviceInfo> >> <Manufacturer>aManufacturer</Manufacturer> >> <SerialNo>10514-1-235</SerialNo> >> </DeviceInfo> >> <Key KeyAlgorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" >> KeyId="10514-1-235"> >> <Issuer>anIssuer</Issuer> >> </Key> >> </Device> >> </KeyContainer> >> </ekmi:SymkeyResponse> >> ======================== >> >> I think parsers are smart enough to figure out the payload and there >> is no need to add an additional indirection to >> identify the type of payload contained inside the ekmi:SymkeyResponse >> >> Regards, >> Anil
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]