This questionnaire was open from 2004-09-14 to 2005-01-28 and was
available as a wbs
online form.
Seven client developers and four XKMS servers participated in the
interoperabiltiy event.
Details
Responder |
|
|
Alvaro Guillermo |
|
Trinity College Dublin |
Tommy Lindberg |
|
Markup Security (http://markupsecurity.com) |
Roland Lockhart |
|
Entrust Inc. |
Vamsi Motukuru |
|
Oracle Corporation
|
Berin Lautenbach |
|
Apache Software Foundation ( http://www.apache.org
) |
Rich Salz |
|
DataPower Technology, Inc.
http://www.datapower.com
|
Yunhao Zhang |
|
SQLData Systems |
Details
Responder |
|
|
Alvaro Guillermo |
|
Guillermo Alvaro |
Tommy Lindberg |
|
Tommy Lindberg |
Roland Lockhart |
|
Roland Lockhart |
Vamsi Motukuru |
|
Vamsi Motukuru
|
Berin Lautenbach |
|
Berin Lautenbach |
Rich Salz |
|
Rich Salz
rsalz@datapower.com |
Yunhao Zhang |
|
Yunhao Zhang |
Details
Responder |
|
|
Alvaro Guillermo |
|
|
Tommy Lindberg |
|
Markup Security XKMS
(http://markupsecurity.com/info/xkms) |
Roland Lockhart |
|
Entrust XKMS Test Client |
Vamsi Motukuru |
|
Oracle Security Developer Tools
http://www.oracle.com/technology/products/id_mgmt/osdt/index.html |
Berin Lautenbach |
|
XML Security C++ Library (
http://xml.apache.org/security/c/index.html ) |
Rich Salz |
|
DataPower XS-40
|
Yunhao Zhang |
|
SQLData XKMS Server 2.0
(http://sqldata.com/xkms.htm) |
Details
Responder |
|
|
Alvaro Guillermo |
|
1.0 |
Tommy Lindberg |
|
beta |
Roland Lockhart |
|
1.0 |
Vamsi Motukuru |
|
10gR2
http://www.oracle.com/technology/products/id_mgmt/osdt/index.html |
Berin Lautenbach |
|
Pre release of Version 1.2 - CO from public CVS |
Rich Salz |
|
Release 3.x |
Yunhao Zhang |
|
2.0 |
Details
Responder |
|
|
Alvaro Guillermo |
|
XKMS 2.0 |
Tommy Lindberg |
|
XKMS 2.0 - "http://www.w3.org/2002/03/xkms#" |
Roland Lockhart |
|
XKMS 2.0 |
Vamsi Motukuru |
|
XKMS Version 2.0 -
"http://www.w3.org/2002/03/xkms#" |
Berin Lautenbach |
|
XKMS Version - "http://www.w3.org/2002/03/xkms#" |
Rich Salz |
|
XKMS 2.0 |
Yunhao Zhang |
|
XKMS Version - "http://www.w3.org/2002/03/xkms#" |
II. Test-suite implementation report
You should indicate in your answers against which server you did your
tests. The following four servers are available:
N.B. The survey widget has some limitations. It's legend should be
interpreted as follows:
1 Failure, 2 Non applicable, 3 Cannot tell, 4 Not tested, 5 Success
A client wishes to obtain an encryption key bound to bob@example.com, so
it can be able to send an encrypted mail to Bob. The client secure email
format is S/MIME. The processing mode is synchronous. The resulting set of
messages will consist of a Locate Request to the server and the Locate Result
returned.
Test
suite reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
2 |
4 |
1 |
Entrust |
1 |
|
|
3 |
|
3 |
SQL Data |
|
|
|
2 |
4 |
1 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
Locate operation successfully tested.
* Soap1.2 used to communicate with SQL Data's server. |
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
Using SOAP 1.2 for SQL Data |
Roland Lockhart |
4 |
4 |
4 |
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
5 |
1 |
5 |
No opinion |
|
Rich Salz |
4 |
4 |
4 |
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
Successful when a DN is used for the KeyName.Only SOAP
bindings were tested. |
A client wishes to check whether a certificate supplied by a sender
(Alice) in a message is valid or not, so he sends the certificate chain to
the XKMS service. The processing mode is synchronous. The certificate is
valid and it has not been revoked. The resulting set of messages will consist
of a Validate Request to the server and the Validate Result returned
reporting that the key binding has successfully been checked.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
6 |
1 |
Entrust |
|
|
|
2 |
4 |
1 |
SQL Data |
|
|
|
1 |
5 |
1 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
5 |
5 |
No opinion |
Validate operation successfully tested.
* Soap1.1 used to communicate with Entrust's server.
* Soap1.2 used to communicate with SQL Data's server. |
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
Using SOAP 1.2 for SQL Data |
Roland Lockhart |
5 |
4 |
4 |
|
Used SOAP 1.1 |
Vamsi Motukuru |
5 |
5 |
5 |
No opinion |
|
Berin Lautenbach |
5 |
5 |
5 |
No opinion |
Used SOAP 1.1 For Entrust |
Rich Salz |
5 |
5 |
5 |
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
Tested using SOAP bindings. |
In a similar scenario to XKISS-T1, a client wishes to obtain a key bound
to bob2@example.com, but the server cannot locate a key for that user. The
resulting set of messages will consist of a Locate Request to the server and
the Locate Result returned.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
2 |
4 |
1 |
Entrust |
1 |
|
|
3 |
|
3 |
SQL Data |
|
|
|
2 |
4 |
1 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
"Unsuccessful Locate" operation successfully
tested.
* Soap1.2 used to communicate with SQL Data's server. |
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
Using SOAP 1.2 for SQL Data |
Roland Lockhart |
4 |
4 |
4 |
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
5 |
1 |
5 |
No opinion |
|
Rich Salz |
4 |
4 |
4 |
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
Tested using SOAP bindings. |
In a similar scenario to XKISS-T2, a client wishes to check whether a
certificate supplied by a sender (Eric) in a message is valid or not, so he
sends the certificate chain to the XKMS service. The processing mode is
synchronous. The certificate is not valid because it has expired. The
resulting set of messages will consist of a Validate Request and a Validate
Result.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
1 |
5 |
1 |
Entrust |
|
|
|
3 |
3 |
1 |
SQL Data |
|
|
|
2 |
4 |
1 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
5 |
5 |
No opinion |
Validate over an expired cert operation successfully
tested.
* Soap1.1 used to communicate with Entrust's server.
* Soap1.2 used to communicate with SQL Data's server. |
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
Using SOAP 1.2 for SQL Data |
Roland Lockhart |
5 |
4 |
4 |
|
Used SOAP 1.1 |
Vamsi Motukuru |
5 |
5 |
5 |
No opinion |
|
Berin Lautenbach |
5 |
5 |
5 |
No opinion |
Used SOAP 1.1 For Entrust |
Rich Salz |
4 |
4 |
4 |
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
Tested only SOAP bindings. |
In a similar scenario to XKISS-T2, a client wishes to check whether a
certificate supplied by a sender (Ralph) in a message is valid or not, so he
sends the certificate chain to the XKMS service. The processing mode is
synchronous. The certificate is not valid because it has been revoked. The
resulting set of messages will consist of a Validate Request and a Validate
Result.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
1 |
5 |
1 |
Entrust |
|
|
|
3 |
3 |
1 |
SQL Data |
|
|
|
2 |
4 |
1 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
5 |
5 |
No opinion |
Validate over a revoked cert operation successfully
tested.
* Soap1.1 used to communicate with Entrust's server.
* Soap1.2 used to communicate with SQL Data's server. |
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
Using SOAP 1.2 for SQL Data |
Roland Lockhart |
5 |
4 |
4 |
|
Used SOAP 1.1 |
Vamsi Motukuru |
5 |
5 |
5 |
No opinion |
|
Berin Lautenbach |
5 |
5 |
5 |
No opinion |
Used SOAP 1.1 For Entrust |
Rich Salz |
4 |
4 |
4 |
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
Tested only SOAP Bindings |
A client wishes to obtain an encryption key bound to bob@example.com, so
it can be able to send an encrypted mail to Bob. The client secure email
format is S/MIME. The processing mode is Two Phase. The resulting set of
messages will consist of two Locate Requests to the server and two Locate
Results returned.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
1 |
|
1 |
4 |
1 |
Entrust |
|
1 |
1 |
2 |
|
3 |
SQL Data |
|
1 |
|
1 |
4 |
1 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
Two Phase operation successfully tested.
* Soap1.2 used to communicate with SQL Data's server. |
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
|
Roland Lockhart |
4 |
4 |
4 |
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
5 |
3 |
5 |
No opinion |
Used SOAP 1.1 For Entrust - but returned
immediately |
Rich Salz |
2 |
2 |
2 |
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
Successfully tested when the correct DN is used for
the TL server. |
A client wishes to obtain an encryption key bound to bob@example.com. The
client secure email format is S/MIME. The processing mode is asynchronous.
The resulting set of messages will consist of two Locate Requests to the
server and two Locate Responses returned. The server will notify by email
when is it ready to receive the Pending Request. The resulting set of
messages will consist of at least six messages: An initial Locate Request and
Locate Result; One or more Status requests and responses, with the last
Status Result stating the Success; a Pending Request and a final Locate
Result.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
1 |
|
1 |
4 |
1 |
Entrust |
|
1 |
|
2 |
|
4 |
SQL Data |
|
1 |
|
1 |
4 |
1 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
Asynchronous operation successfully tested.
* The first Status request/response pair was not performed with SQL
Data's server as the operation had already been completed.
* Soap1.2 used to communicate with SQL Data's server. |
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
|
Roland Lockhart |
4 |
4 |
4 |
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
5 |
No opinion |
5 |
No opinion |
|
Rich Salz |
2 |
2 |
2 |
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
The SQLData server processes asynchronous request
immediately, only one status request was issued. |
A client wishes to obtain an encryption key bound to bob@example.com. The
client secure email format is S/MIME. The processing mode is Two Phase
Protocol with Asynchronous Processing. The resulting set of messages will
consist of at least eight messages: two Locate Requests to the server and two
Locate Responses returned, corresponding to the Two Phase protocol, then at
least a Status Request-Response pair and finally a Pending Request and the
final Locate Result.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
1 |
|
1 |
4 |
1 |
Entrust |
|
1 |
|
2 |
|
4 |
SQL Data |
|
1 |
|
2 |
3 |
1 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
Two Phase and Asynchronous operation successfully
tested.
* Soap1.2 used to communicate with SQL Data's server. |
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
|
Roland Lockhart |
4 |
4 |
4 |
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
5 |
No opinion |
4 |
No opinion |
|
Rich Salz |
2 |
2 |
2 |
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
A client wishes to make a locate and two validate requests simultaneously.
The processing mode is synchronous. The locate and validate requests that
will be made correspond to the tests XKISS-T1, XKISS-T2 and XKISS-T4. The
resulting set of messages will consist of an outer Compound Request with
three inner requests and an outer Compound Result with three inner
results.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
1 |
|
1 |
4 |
1 |
Entrust |
|
1 |
|
2 |
|
4 |
SQL Data |
|
1 |
|
1 |
4 |
1 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
* Soap1.2 used to communicate with SQL Data's
server. |
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
|
Roland Lockhart |
4 |
4 |
4 |
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
5 |
No opinion |
5 |
No opinion |
|
Rich Salz |
2 |
2 |
2 |
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
A client wishes to make a locate and two validate requests simultaneously.
The processing mode is Two Phase Protocol. The locate and validate requests
that will be made correspond to the tests XKISS-T1, XKISS-T2 and XKISS-T4.
The resulting set of messages will consist of two outer Compound Request with
three inner requests and two Compound Results. the first without inner
results and the second containing three.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
1 |
|
1 |
4 |
1 |
Entrust |
|
1 |
|
2 |
|
4 |
SQL Data |
|
1 |
|
1 |
4 |
1 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
* Soap1.2 used to communicate with SQL Data's
server. |
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
|
Roland Lockhart |
4 |
4 |
4 |
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
5 |
No opinion |
5 |
No opinion |
|
Rich Salz |
2 |
2 |
2 |
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
A client wishes to make a locate and two validate requests simultaneously.
The processing mode is asynchronous. The locate and validate requests that
will be made correspond to the tests XKISS-T1, XKISS-T2 and XKISS-T4. The
client will send a Status Request after receiving the notification of the
Locate message but when the validate messages are still pending. The
resulting set of messages will consist of at least six messages: an initial
outer Compound Request with three inner requests and the initial Compound
Result; at least a Status Request-Result pair; a Pending Request and the
final Compound Result with three inner results.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
1 |
|
2 |
3 |
1 |
Entrust |
|
1 |
|
2 |
|
4 |
SQL Data |
|
1 |
|
2 |
3 |
1 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
* Soap1.2 used to communicate with SQL Data's
server.
* The Status Req/Res pair was performed after the operation had been
completed.
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
4 |
4 |
4 |
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
4 |
No opinion |
4 |
No opinion |
|
Rich Salz |
2 |
2 |
2 |
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
A client wishes to make a locate and two validate requests simultaneously.
The processing mode for the compound message is synchronous. The locate and
validate requests that will be made correspond to the tests XKISS-T1,
XKISS-T2 and XKISS-T4. The inner Locate Request will be made synchronously
and the Validate requests asynchronously. The resulting set of messages will
consist of at least ten messages: an initial outer Compound Request with
three inner requests and the initial Compound Result with three inner
results; at least two Status request-response pairs and two Pending requests
and two Validate results.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
1 |
|
2 |
2 |
2 |
Entrust |
|
1 |
|
2 |
|
4 |
SQL Data |
|
1 |
1 |
2 |
2 |
1 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
4 |
4 |
4 |
|
|
Vamsi Motukuru |
5 |
No opinion |
3 |
No opinion |
Inner aysnchronous requests are processed
synchronously. |
Berin Lautenbach |
4 |
No opinion |
4 |
No opinion |
|
Rich Salz |
2 |
2 |
2 |
|
|
Yunhao Zhang |
No opinion |
No opinion |
No opinion |
No opinion |
|
The same scenario as XKISS-T1 but with the messages wrapped in SOAP 1.1
envelopes.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
1 |
5 |
1 |
Entrust |
|
|
|
2 |
3 |
2 |
SQL Data |
|
|
|
1 |
4 |
2 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
No opinion |
No opinion |
Operation over Soap1.1 successfully tested. |
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
Used T2 instead of T1 with Entrust. |
Roland Lockhart |
4 |
4 |
4 |
|
|
Vamsi Motukuru |
5 |
5 |
5 |
No opinion |
|
Berin Lautenbach |
5 |
5 |
5 |
No opinion |
Used ValidateRequest for Entrust |
Rich Salz |
5 |
5 |
5 |
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
The same scenario as XKISS-T1 but with the messages wrapped in SOAP 1.2
envelopes.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
2 |
4 |
1 |
Entrust |
1 |
|
|
3 |
|
3 |
SQL Data |
|
|
|
2 |
4 |
1 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Averages:
Choices |
All responders: |
TL Server |
4.67 |
Entrust |
3.25 |
SQL Data |
4.67 |
ASF-XKMS |
5.00 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
Operation over Soap1.2 successfully tested. |
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
|
Roland Lockhart |
4 |
4 |
4 |
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
5 |
1 |
5 |
No opinion |
|
Rich Salz |
4 |
4 |
4 |
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
Similar to XKISS-T2 but with OpaqueClientData) A client wishes to check
whether a certificate supplied by a sender (Alice) in a message is valid or
not, so he sends the certificate chain to the XKMS service. The client adds
two instances of randomly generated OpaqueData to the request. The processing
mode is synchronous. The certificate is valid and it has not been revoked.
The resulting set of messages will consist of a Validate Request to the
server and the Validate Result returned reporting that the key binding has
successfully been checked. The OpaqueClientData in the result is identical to
the one included in the request.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
4 |
1 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
4 |
1 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Averages:
Choices |
All responders: |
TL Server |
5.00 |
Entrust |
4.00 |
SQL Data |
5.00 |
ASF-XKMS |
5.00 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
5 |
No opinion |
5 |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
(Similar to XKISS-T2 but the request is signed and the client requests
return of request signature value) A client wishes to check whether a
certificate supplied by a sender (Alice) in a message is valid or not, so he
sends the certificate chain to the XKMS service. The client signs the request
with Bob's key and includes the corresponding verification key in the
request. The client indicates through the ResponseMechanism element that he
is prepared to receive the request signature value bytes in the result. The
processing mode is synchronous. The certificate is valid and it has not been
revoked. The resulting set of messages will consist of a Validate Request to
the server and the Validate Result returned reporting that the key binding
has successfully been checked. In addition, the request signature bytes match
those returned in the RequestSignatureValue element of the result.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
4 |
1 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
4 |
1 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
5 |
No opinion |
5 |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
(Similar to XKRSS-T16 but incorrect verification key is supplied) A client
wishes to check whether a certificate supplied by a sender (Alice) in a
message is valid or not, so he sends the certificate chain to the XKMS
service. The client signs the request with a key not known by the service.
The client indicates through the ResponseMechanism element that he is
prepared to receive the request signature value bytes in the result. The
processing mode is synchronous. The result indicates a non successful outcome
with a minor result code of NoAuthentication and the RequestSignatureValue is
not present.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
3 |
2 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
4 |
1 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Averages:
Choices |
All responders: |
TL Server |
5.00 |
Entrust |
4.00 |
SQL Data |
5.00 |
ASF-XKMS |
5.00 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
5 |
No opinion |
5 |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
No opinion |
No opinion |
No opinion |
No opinion |
|
(Similar to XKISS-T1 but with a response limit indication) Mandy is known
to have 10 encryption keypairs for use with S/MIME style e-mail all of which
are bound to mandy@example.com. A client wishes to obtain no more than 5 of
these keys. The processing mode is synchronous. The resulting set of messages
will consist of a Locate Request to the server and the Locate Result
returned. The minor result code has the TooManyResponses to indicate that
more bindings than the requested 5 were found. If the major result indicates
Success then the result contains no more than 5 key bindings. If the major
result code indicates Receiver then the result does not contain any key
bindings.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
4 |
1 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
4 |
1 |
ASF-XKMS |
|
|
|
|
1 |
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
5 |
In the case of SQLData, 5 bindings are returned with
the same key. I guess this is a question of how the DB is populated
(same key ten times as opposed to ten distinct keys) which is why I
mark this test as successful. |
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
5 |
No opinion |
5 |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
A client wishes to register an RSA key pair bound to his email address. He
generates an RSA key pair and sends a registration request to the XKMS
service provider using a shared secret: "secret", for key binding
authentication. The processing mode is synchronous, and the client provides
an X.509 distinguished name in a UseKeyWith for "rfc2459". The response
message indicates a successful key binding and there is an X.509 certificate
in the key binding.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
3 |
2 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
3 |
2 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
A client wishes to register a key generated by the XKMS server. He sends a
registration request to the XKMS service provider using a shared secret:
"secret", for key binding authentication. The processing mode is synchronous,
and the key is to be used with an email address. The XKMS server returns an
RSA key pair with encrypted private key. The resulting set of messages will
consist of two messages: a Register request and a Register response.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
3 |
2 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
3 |
2 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
A client wishes to get a new X.509 certificate. He sends a Reissue request
to the XKMS service. The key is specified in the payload either with a key
value or with the old cert. The shared secret is "secret", and the processing
mode is synchronous. The XKMS server returns a new certificate with new
validity interval in the response message, and the status of the key binding
is valid. The resulting set of messages will consist of four messages: an
initial Register request/response pair and a Reissue request/response
pair.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
3 |
2 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
3 |
2 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
A client wishes to recover his private key which he has forgotten. He
specifies the authorization code "secret" for the key recovery operation, and
an indeterminate key binding to his public key. The processing mode is
synchronous. The XKMS server returns the encrypted private key. The resulting
set of messages will consist of four messages: an initial Register
request/response pair and a Recover request/response pair.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
3 |
2 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
3 |
2 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
A client wishes to revoke a compromised key binding. The key was
registered with a revocation pass phrase. The processing mode is synchronous.
The revocation result is successful and the result key binding is invalid.
The resulting set of messages will consist of four messages: an initial
Register request/response pair and a Revoke request/response pair.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
3 |
2 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
3 |
2 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
A client wishes to revoke a compromised key binding. He uses the
authorization code "secret" for the key revocation operation. The processing
mode is synchronous. The revocation result is successful and the result key
binding is invalid. The resulting set of messages will consist of four
messages: an initial Register request/response pair and a Revoke
request/response pair.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
3 |
2 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
3 |
2 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
(Similar to XKRSS-T2 but Two Phase)
A client wishes to register a key generated by the XKMS server. He sends a
registration request to the XKMS service provider using a shared secret:
"secret", for key binding authentication. The processing mode is two phase,
and the key is to be used with an email address. The XKMS server returns an
RSA key pair with encrypted private key. The resulting set of messages will
consist of two Register Requests to the server and two Register Results
returned.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
3 |
2 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
3 |
2 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
(Similar to XKRSS-T2 but Asynchronous
A client wishes to register a key generated by the XKMS server. He sends a
registration request to the XKMS service provider using a shared secret:
"secret", for key binding authentication. The processing mode is
asynchronous, and the key is to be used with an email address. The XKMS
server returns an RSA key pair with encrypted private key. The client will
also send at least a Status Request. The resulting set of messages will
consist of at least six messages: An initial Register request/response pair,
at least a Status request/response pair, a Pending request and a final
Register result.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
3 |
2 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
3 |
2 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
(Similar to XKRSS-T2 but Asynchronous + Two Phase
A client wishes to register a key generated by the XKMS server. He sends a
registration request to the XKMS service provider using a shared secret:
"secret", for key binding authentication. The processing mode is
asynchronous, and the key is to be used with an email address. The XKMS
server returns an RSA key pair with encrypted private key. The client will
also send at least a Status Request. The resulting set of messages will
consist of at least eight messages: two Register request/response pairs,
corresponding to the Two Phase protocol, then at least a Status
request/response pair and then a Pending request and the final Register
result.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
3 |
2 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
3 |
2 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
A client wishes to make two registration requests simultaneously. The
processing mode is synchronous. The registration requests that will be made
correspond to the tests XKRSS-T1 and XKRSS-T2. The resulting set of messages
will consist of an outer Compound Request with two inner requests and an
outer Compound Result with two inner results.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
3 |
2 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
3 |
2 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
A client wishes to make two registration requests simultaneously. The
processing mode is two phase. The registration requests that will be made
correspond to the tests XKRSS-T1 and XKRSS-T2. The resulting set of messages
will consist of two outer Compound Request with two inner requests and two
Compound Results, the first without inner results and the second containing
two.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
3 |
2 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
3 |
2 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
A client wishes to make two registration requests simultaneously. The
processing mode is asynchronous. The registration requests that will be made
correspond to the tests XKRSS-T1 and XKRSS-T2. The client will send first a
Status Request. The resulting set of messages will consist of at least six
messages: an initial outer Compound Request with two inner requests and the
initial Compound Result; at least a Status Request and a Status Result; a
Pending Request and the final Compound Result with two inner results.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
3 |
2 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
3 |
2 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
A client wishes to make two registration requests simultaneously. The
processing mode for the compound message is synchronous. The registration
requests that will be made correspond to the tests XKRSS-T1 and XKRSS-T2. The
inner client-generated RegisterRequest will be made synchronously and the
inner server-generated client request asynchronously. The client will send
first at least a Status Request for the inner asynchronous operation. The
resulting set of messages will consist of at least six messages: an initial
outer Compound Request with two inner requests and the initial Compound
Result with two inner results; at least a Status request-response pair and a
Pending request and a Register result.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
2 |
3 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
1 |
|
2 |
2 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
3 |
No opinion |
Inner aysnchronous requests are processed
synchronously. |
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
No opinion |
No opinion |
No opinion |
No opinion |
|
(Similar to XKRSS-T2 but with a wrong shared secret)
A client wishes to register a key generated by the XKMS server. He sends a
registration request to the XKMS service provider using a wrong shared
secret: "notsecret", for key binding authentication. The processing mode is
synchronous, and the key is to be used with an email address. The resulting
set of messages will consist of two messages: a Register request and a
Resister response, with a minor result code of NoAuthentication.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
3 |
2 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
3 |
2 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
5 |
No opinion |
No opinion |
No opinion |
|
A client wishes to make a validate and a registration requests
simultaneously. The processing mode is synchronous. The validate request that
will be made correspond to the test XKISS-T2 and the registration one to the
test XKRSS-T2. The resulting set of messages will consist of an outer
Compound Request with two inner requests and an outer Compound Result with
two inner results.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
2 |
3 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
|
3 |
2 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
5 |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
5 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
5 |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
No opinion |
No opinion |
No opinion |
No opinion |
|
(Similar to XKRSS-T2 but authenticating with private key instead of shared
secret)
A client wishes to register a key generated by the XKMS server using a
private key for key binding authentication. First he registers a key as in
XKRSS-T2 and then he sends another registration request to the XKMS service
provider using the private key received in the previous registration
operation for key binding authentication. The processing mode is synchronous,
and the key is to be used with an email address. The XKMS server returns an
RSA key pair with encrypted private key. The resulting set of messages will
consist of four messages: two Register request/response pairs.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
2 |
3 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
1 |
|
4 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
No opinion |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
4 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
No opinion |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
No opinion |
No opinion |
No opinion |
No opinion |
|
(Similar to XKRSS-T2 but authenticating with not bound authentication)
A client wishes to register a key generated by the XKMS server. He sends a
registration request to the XKMS service provider using a Not Bound
Authentication (Protocol: "http://www.example.com/foo/protocol", Value:
encoded "secret"), for key binding authentication. The processing mode is
synchronous, and the key is to be used with an email address. The XKMS server
returns an RSA key pair with encrypted private key. The resulting set of
messages will consist of two messages: a Register request and a Resister
response.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
2 |
3 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
1 |
|
4 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
No opinion |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
4 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
No opinion |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
No opinion |
No opinion |
No opinion |
No opinion |
|
(Similar to XKRSS-T2 but with a RetrievalMethod)
A client wishes to validate a certificate located at a network location
http://62.77.172.83:4080/certs/rsa-alice-at-example-cert.der as indicated by
a certificate holder (Alice). He sends a request specifying a RetrievalMethod
to the XKMS service. The certificate encoding type is
http://www.w3.org/2000/09/xmldsig#rawX509Certificate indicating a DER encoded
certificate object. The processing mode is synchronous. The certificate is
valid and it has not been revoked. The resulting set of messages will consist
of a Validate Request to the server and the Validate Result returned
reporting that the key binding has successfully been checked.
Test-suite
reference
Summary
(The results on your answers are bolded)
Choice |
All responders |
1 |
2 |
3 |
4 |
5 |
No opinion |
TL Server |
|
|
|
|
2 |
3 |
Entrust |
|
|
|
1 |
|
4 |
SQL Data |
|
|
|
1 |
|
4 |
ASF-XKMS |
|
|
|
1 |
|
4 |
Details
Responder |
TL Server |
Entrust |
SQL Data |
ASF-XKMS |
Comments |
Alvaro Guillermo |
5 |
No opinion |
No opinion |
No opinion |
|
Tommy Lindberg |
No opinion |
4 |
4 |
4 |
|
Roland Lockhart |
|
|
|
|
|
Vamsi Motukuru |
5 |
No opinion |
No opinion |
No opinion |
|
Berin Lautenbach |
No opinion |
No opinion |
No opinion |
No opinion |
|
Rich Salz |
|
|
|
|
|
Yunhao Zhang |
No opinion |
No opinion |
No opinion |
No opinion |
|