W3C updates XML PKI spec
1:02PM, Wednesday 29th June 2005
The Internet standards body W3C (World Wide Web Consortium) has released a new XML specification as an official W3C Recommendation.

The XML Key Management Specification (XKMS) 2.0 brings PKI (public key infrastructure) technology into the realm of Web services (PKI is the framework within which digital certificates can be exchanged).

The idea is that online businesses will be better able to share public key identities across applications, systems and what the W3C calls 'trust boundaries'. XKMS is a non-proprietary, open standard way to provide such services, which means it should be easier for third parties to work together in an automated fashion. Using the protocol, XKMS servers can carry the processing burden and - states the W3C - handle public key issues (confirming, revoking, etc.) transparently to the applications themselves.

Most familiarly, PKI is used for digital signatures - for example, encrypting and signing sensitive emails.

BT, and its Trust Services, is an example of a company working in this field.

Described by the W3C as the 'cornerstone' of providing Web security, XKMS 2.0 is part of the W3C XML Security Framework, which also includes the XML Signature, XML Encryption, and Canonical XML Recommendations.

You can read more about XKMS at www.w3.org/2001/XKMS/.

A status of 'Recommendation' for a specification means that the W3C favours its adoption by the industry. The beta-version, as it were, will only be a Candidate Recommendation.

When it comes to explaining digital signatures in more detail, you have to dip your toes into the world of encryption and asymmetric cryptography... Public and private 'keys' are complementary special codes that, when used together, offer an effective encryption scheme supporting both message authentication and digital signature verification.

To ensure authentication, an easily available public key of the recipient is used to encrypt data for transmission and an equivalent private key - which is known only by the recipient and is not shared - can be used to decode it.

To add a digital signature, a code is created with a private key of the sender, by running that key across the message content. The recipient can then verify that digital signature using the sender's public key.

This allows the authentication of any signed information by a complementary process of signature verification. The value used, furthermore, can be unique to both the contents of the message and your private key.
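
The public-key encryption and signing steps described above, as an added example that is not part of the original article: textbook RSA with SHA-256, using only the Python standard library. The primes, key names and messages are constructed for illustration, and the scheme has no padding and very small keys, so it shows the mechanics only and is not a usable implementation.

```python
import hashlib

def make_keypair(p, q, e=65537):
    """Textbook RSA keys from two primes: ((e, n) public, (d, n) private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)   # d satisfies e*d = 1 (mod phi)

def digest(message, n):
    """SHA-256 of the message, reduced into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private):
    d, n = private
    return pow(digest(message, n), d, n)      # needs the private key

def verify(message, signature, public):
    e, n = public
    return pow(signature, e, n) == digest(message, n)   # needs only the public key

def encrypt(value, public):
    e, n = public
    return pow(value, e, n)

def decrypt(value, private):
    d, n = private
    return pow(value, d, n)

def demo():
    # Constructed toy keys (Mersenne primes); real keys are large random primes.
    sender_pub, sender_priv = make_keypair(2**127 - 1, 2**89 - 1)
    other_pub, _ = make_keypair(2**107 - 1, 2**61 - 1)
    msg = b"Pay supplier 100 GBP"             # constructed sample message
    sig = sign(msg, sender_priv)
    # For the encryption round trip the same key pair plays the recipient's role.
    secret = int.from_bytes(b"meet at noon", "big")
    return {
        "genuine": verify(msg, sig, sender_pub),
        "tampered": verify(b"Pay supplier 900 GBP", sig, sender_pub),
        "wrong_key": verify(msg, sig, other_pub),
        "signature_differs_per_message": sign(b"other text", sender_priv) != sig,
        "decrypted_ok": decrypt(encrypt(secret, sender_pub), sender_priv) == secret,
    }

if __name__ == "__main__":
    print(demo())
```

Verification fails as soon as either the message or the key changes, which is the property a key management service has to preserve when it tells an application which public key belongs to a sender.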
