[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ekmi] Groups - SKSML-DRAFT7 Specification, XSD and sample instances(ZIP) (sksml-draft7.zip) uploaded
Hi Arshad, I have a few very small comments. First a few editorial comments: ----- 1.3 Strange sentence: The client application (linked to the call SKCL) will an API method within the SKCL for the appropriate symmetric key. -> The client application (that has been linked to the SKCL) will call an API method within the SKCL for the appropriate symmetric key. Chapters: 1.8 Response with multiple new symmetric keys 1.1 Response with an SKS error ?? Actually chapter numbering is completely off, I was trying to find "4.5 Element <SymKeyResponse"" from the table of contents, but it is not to be found. 1.1 Response with a pending Request ID Sentence cut: "Alternatively, when the" ----- And last a small comment, I followed your discussion with Anders Rundgren and it's kind of related. ----- There is no specification which public key is used to encrypt the symmetric key returned in the <SymKey> type. Is it the "ValueType attribute containing the value http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3." from the <SymKeyRequest>? This puts some limitations on this certificate, i.e. KeyUsage digitalSignature, keyEncipherment, but these limitations I understand is part of the profile as you have explained to Anders, which is fine with me. Some words of specifying with what you encrypt the SymKey is needed I think. ----- Regards, Tomas arshad.noor@strongauth.com wrote: > Hi folks, > > My apologies for taking some time to finish this, but there were far more > ripple effects with the inclusion of support for asynchronous messaging and > the Standard Error Codes. However, the Public Review 02 Specification is > complete. > > Here is a synopsis of the changes: > > This version includes the following changes: > > 01) Created the SymkeyWorkInProgressType to support asynchronous requests > and responses between SKCLs and SKS servers. While the SKSML request > > will still be enclosed in a SOAP element with a digital signature, the > > request may now be sent over other protocols besides HTTP (such as > SMTP). > > 02) Created a SymkeyRequestID element and SymkeyRequestIDType to allow > the > client and server to track an asynchronous request and response. > > 03) Created the RequestCheckIntervalType to allows the SKS server to tell > clients how frequently they may poll a server on a work-in-progress > request. > > 04) Modified SymkeyType to include the SymkeyRequestID element to > correlate > symkey responses with requests on the client side. > > 05) Modified SymekyError to include the SymkeyRequestID element to > correlate errors with requests on the client side. > > 06) Added SKMS Standard Error Codes & Messages in Appendix C. > > 07) Added the Vendor Process for requesting a reserved block of SKMS Error > Codes in Appendix D. > > Please review these changes. I am submitting a ballot for the TC to submit > this for Public Review. We are required to do this for 15 days given that > we have made changes to the protocol. The TC will have approximately 3 > weeks (1 week for ballot + 2 weeks for PR2) to get comments back on these > changes. However, I would encourage you to submit feedback as early as > possible. > > Once we are complete with PR2 and have addressed any comments at that time, > we will be at the penultimate step of the standards vote. > > Thanks for your patience. > > -- Arshad Noor* > > The document named SKSML-DRAFT7 Specification, XSD and sample instances > (ZIP) (sksml-draft7.zip) has been submitted by Arshad Noor* to the OASIS > Enterprise Key Management Infrastructure (EKMI) Technical Committee > document repository. > > Document Description: > DRAFT 7 of the SKSML 1.0 Specification (Public Review 02), the EKMI XML > Schema Definition and sample schema instances. > > View Document Details: > http://www.oasis-open.org/committees/document.php?document_id=29914 > > Download Document: > http://www.oasis-open.org/committees/download.php/29914/sksml-draft7.zip > > > PLEASE NOTE: If the above links do not work for you, your email application > may be breaking the link into two pieces. You may be able to copy and paste > the entire link address into the address field of your web browser. > > -OASIS Open Administration
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]