World Wide Web Consortium
Workshop on XML Key Management Services

19 July 2001
Redwood City, CA - USA




In 1999, W3C began work on security-related specifications for the Web. Starting with the XML Signature Working Group (jointly with IETF) and now the XML Encryption Working Group, we have been building a series of modular cryptographic facilities to enable the development of a variety of security services. W3C's work to date, however, has only laid the foundations for what will ultimately be required of Web-based security services. The XML Signature specification, for example, purposefully avoided questions of key trustworthiness. While the signature specification did define a few XML structures for common key types (e.g., DSAKeyValue, X509, etc.), these structures are optional, and questions of trust, including confidence in a key, were out of scope of XML Signature, as they are for XML Encryption.

However, these questions about trust are critical to secure XML applications, reliable XML protocols and trusted Web services. Recently, a number of W3C Members made a submission (XKMS Submission) that adds an additional layer of security services to Web standards.

XKMS addresses these issues in two parts: X-KISS and X-KRSS. First, the X-KISS specification defines a protocol for a Trust service that resolves the key information contained in an XML Signature or Encryption element. This permits a client to delegate part or all of the tasks required to process key information. This delegation is useful because a lightweight, XML-only client can hand off the processing of other formats (ASN.1-encoded certificates) and their semantics (X.509 semantics and path validation rules) to an external service. Second, the X-KRSS specification defines a protocol for a Web service that accepts registration of public key information. Once registered, the public key may be used in conjunction with other Web services, including X-KISS.


This workshop will consider the requirements for simple key resolution and trust services for XML security applications and the degree to which the XKMS specification satisfies those requirements, and will determine whether there is sufficient focus and interest to propose a W3C activity in this area.

Scope of the Workshop

Topics likely to be discussed at this workshop include, but are not limited to:

Criteria for success

The workshop will be considered successful if:

Future W3C work in this area will vary depending on the workshop findings. It is important to identify how W3C can make a unique contribution, whether through its own development resource and/or liaison with other organizations.


Registration and Rules for participation

To facilitate workshop planning, anyone interested in participating should send a statement of interest to xkms-ws-submit@w3.org stating:


Position Papers

Position papers are the basis for the discussion at the workshop. A position paper is usually short, around 1 to 5 pages (there is a maximum of five pages) and summarizes:

Position papers will be published on the public Web pages of the workshop, so position papers and slides of presentations must be available for public dissemination. Submitting a position paper comprises a default recognition of these terms for publication. Allowed formats are valid HTML/XHTML or plain text. Papers in any other formats will be returned, with a request for correct formatting.

The Chair will ask the authors of particularly salient position papers to present their position at the workshop to foster discussion. Presenters will also make the slides of the presentation available on the workshop Web site.

Position papers must be submitted via email to the Workshop Chair (<joe_pato@hp.com> and <xkms-ws-submit@w3.org>) no later than 19 June 2001.

Important dates

19 June 2001: Deadline for W3C Member position papers and registration for the workshop program (1 to 5 pages - send to xkms-ws-submit@w3.org).

27 June 2001: Position paper acceptance and draft workshop program available

19 July 2001: Workshop on XML Key Management Services.

Workshop program

The workshop program is not yet available.

The complete list of submitted papers should be viewed as required reading for the workshop.

Workshop proceedings

Minutes of the workshop will be publicly available. The presentations are available from the program.

XML Key Management Services discussion

There is a public W3C list, <www-xkms-ws@w3.org> (see archive), for discussion regarding this workshop.

Organizing committee

Program Chair: Joe Pato, HP
Workshop Organization Chair: Thane Plambeck, VeriSign
Workshop Webmaster: Dominique Hazaël-Massieux, dom@w3.org
MIT/Laboratory for Computer Science
545 Technology Square
Cambridge, MA 02139 U.S.A.

Workshop logistics

Workshop logistics are shared with those of the XML Encryption Face-to-Face.

W3C Resource Statement

Over the period of ten weeks, this work will consume 15% of the time of one W3C Team member for committee work, organization, and for managing the workshop Web site.

Joseph Reagle
$Date: 2001/06/18 18:12:02 $ by $Author: reagle $