XKMS Workshop Position Paper
Jeremy Epstein
Director, Product Security
webMethods, Inc.
+1 703-460-5852

webMethods has been involved since the early days of XKMS, as one of the original authors of the XKMS submission to W3C (XKMS Submission).  In addition, webMethods has been an active participant in many other W3C standards efforts, including XML schema and XML protocol.  Many webMethods products are XML based, and follow W3C standards.

webMethods is not a provider of XKMS services, but rather a consumer of those services.  We provide applications software that needs access to PKI-type services such as certificate creation, validation, and revocation.  We use private keys and certificates (and hence need to validate them) for the typical reasons: establishing secure channels using SSL, performing and validating digital signatures for non-repudiation of origin, and creating end-to-end encrypted traffic.  Rather than using a particular PKI vendor toolkit that theoretically works with any PKI, but in fact is less than interoperable, we see XKMS as a long term solution that supports our customers' needs for accurate certificate handling.  XKMS meets our needs as a consumer of trust services.

We view the most critical portions of this effort to be timeliness and interoperability.  PKI has been next year's big technology for the past ten years.  XKMS has an opportunity to change that by providing an easy-to-use solution that doesn't rely on proprietary toolkits.  However, it must mature quickly, or PKI will enter a permanent niche status.  At the same time, the standard must be sufficiently defined that all implementations will be interoperable.  Further, interoperability testing needs to encompass a range of consumers of XKMS services, not just web browsers or other simple applications.  Other goals need to be a consistent layering on top of the existing XML Signature effort, and the nascent XML Encryption project.

The most important outcome of the workshop is a schedule for developing a base standard and its interoperability testing. While extensions to the standard may be valuable later on, it is more important to get version 1.0 that satisfies 80% of our needs than delay adoption so we can reach a higher percentage.  We propose the following draft schedule as a basis for discussion:

Jul 2001 Working Group is formed
Jul 2001 First face-to-face meeting (and recurs every 2 months)
Sep 2001 Publish Requirement Document, Use cases doc and first Working Draft
Dec 2001 Publish Second Working Draft
Mar 2002 Last Call Working Draft
Jun 2002 Candidate Recommendation Draft
Sep 2002 Proposed Recommendation Draft
Oct 2002 Recommendation
Dec 2002 Working Group completes work

As one of the originators of XKMS, webMethods will continue to support this effort through participation in the working group, as a key aspect of our support for XML security standards.