Re: FW: [dss] FW: XML Key Management Specification Last Call - need review/feed back

[Juan Carlos Cruellas <cruellas@ac.upc.es>]

Yes, and that is why I wrote:

"Just one comment on Item 5. If nothing is received on the additions
to the XKMS comments  22 of May the latest, I propose to send the original
comment made by Robert:"

The deadline was 23rd, according to Robert's message.
So I will send the email in few minutes, with copy to the list.
Regards


Juan Carlos.

At 10:59 20/05/2003 -0400, Frederick.Hirsch@nokia.com wrote:
>would it be reasonable to forward this to the xkms list before our next
meeting?
>
>I believe the xkms team is looking to obtain input before May 28 if possible.
>
>regards, Frederick
> 
>Frederick Hirsch
>Nokia Mobile Phones
>
>
>
>
>-----Original Message-----
>From: ext Robert Zuccherato [mailto:robert.zuccherato@entrust.com]
>Sent: Friday, May 02, 2003 2:29 PM
>To: 'DSS TC'
>Subject: RE: [dss] FW: XML Key Management Specification Last Call - need
>review/feed back
>
>
>Based upon the discussion that we have seen on this topic I would like to
>propose that we reply with the following:
>
>The DSS TC would like to thank the XKMS WG for the opportunity to comment on
>the Last Call Working Draft.  We have one comment related to a potential
>enhancement to support our use cases.
>
>A DSS service may produce signatures (such as XML-DSIG and CMS signatures)
>for its clients - if it authenticates the client, it may attach the client's
>name as a signed attribute to the signature - this way a client can produce
>signatures that are associated with himself, without needing his own key
>pair.
>
>So it would be nice if a relying party can query an XKMS service on the DSS
>client's name, and receive back the DSS service's key, but the XKMS client
>would need to be told that this key is not in the sole possession of the DSS
>client, but must be associated with the DSS client through a signed
>attribute.
>
>Two options appear feasible.  
>
>This could be done by adding a new "DelegatedSignature" value to the
><KeyUsage> element: <KeyUsage>DelegatedSignature</KeyUsage>.  So for a given
>protocol that uses signatures, an XKMS client could query for
><KeyUsage>DelegatedSignature</KeyUsage> as well as 
><KeyUsage>Signature</KeyUsage>.  This is simple, but would require a change
>to XKMS.
>
>Alternatively, the same an extra application URI could be defined for the
><UseKeyWith> element, for every protocol that uses signatures, to denote the
>delegated signature version.  This requires the definition of an extra URI
>for each protocol that uses signatures and thus seems more difficult to
>support, in general.  It would not require a change to XKMS though.
>
>Thanks,
>
>	Robert Zuccherato.
>
>> -----Original Message-----
>> From: Robert Zuccherato [mailto:robert.zuccherato@entrust.com] 
>> Sent: Monday, April 21, 2003 10:56 AM
>> To: 'DSS TC'
>> Subject: [dss] FW: XML Key Management Specification Last Call 
>> - need review/feed back
>> 
>> 
>> I received the following message from Shivaram Mysore, one of 
>> the chairs of
>> the XKMS WG.  The XKMS specification has entered its last 
>> call process.  Are
>> there any comments that we, as a TC, wish to make to the XKMS WG?
>> 
>> 	Robert.
>> 
>> > -----Original Message-----
>> > From: Shivaram Mysore [mailto:Shivaram.Mysore@Sun.COM]
>> > Sent: Friday, April 18, 2003 5:42 PM
>> > To: robert.zuccherato@entrust.com; cruellas@ac.upc.es
>> > Cc: Shivaram.Mysore@Sun.COM; stephen.farrell@baltimore.ie
>> > Subject: XML Key Management Specification Last Call - need
>> > review/feedback
>> > 
>> > 
>> > Dear Chair,
>> > 
>> > I am sending this to you so that we can get feedback from 
>> > Digital Signature 
>> > Services  TC.
>> > 
>> > On behalf of the XML Key Managment Service WG [XKMS-WG], we are 
>> > pleased to announce the publication of the "XML Key 
>> > Management Specification" 
>> > Last Call Working Draft.  This is one of the deliverables of 
>> > the WG.  The 
>> > document address is:
>> > 
>> >   http://www.w3.org/TR/2003/WD-xkms2-20030418/Overview.html
>> >   http://www.w3.org/TR/2003/WD-xkms2-bindings-20030418/Overview.html
>> >   
>> > The Last Call review period will end on 23 May, 2003. Please 
>> > send review 
>> > comments by that date to the editor - pbaker@verisign.com and cc: 
>> > www-xkms@w3.org
>> > 
>> > Please let us know by May 02 if you are able to provide 
>> > feedback by May 23, the 
>> > close of Last Call. If you do not think review is necessary 
>> > (e.g., there are no 
>> > actual dependencies), or your comments will not be ready by 
>> > May 23, please let 
>> > us know that by May 02 as well.
>> > 
>> > 
>> > [XKMS-WG]  http://www.w3.org/2001/XKMS
>> > 
>> > Thank you,
>> > 
>> > /Shivaram Mysore
>> > Co-Chair, W3C XKMS WG
>> > ______________________________________________________________
>> > _____________
>> > Shivaram H. Mysore <shivaram.mysore@sun.com>
>> > 
>> > Software Engineer 				Co-Chair, W3C's XKMS WG	
>> > Java Card Engineering				
>> http://www.w3.org/2001/XKMS
>> JavaSoft, Sun Microsystems Inc.	
>> 
>> Direct: (408)276-7524
>> Fax:    (408)276-7674
>> 
>http://java.sun.com/people/shivaram  (Internal: http://mysore.sfbay/)
>___________________________________________________________________________
>
>You may leave a Technical Committee at any time by visiting
http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_workgroup.php
>
>