World Wide Web Consortium Issues XML Key Management System (XKMS) 2.0 as a W3C Recommendation

XKMS 2.0 Adds Public Key Management to Web Applications, Web Services

Contact Americas, Australia --
Janet Daly, <janet@w3.org>, +1.617.253.5884 or +1.617.253.2613
Contact Europe, Africa and the Middle East-
Marie-Claire Forgue, <mcf@w3.org>, +33.492.38.75.94
Contact Asia --
Yasuyuki Hirakawa <chibao@w3.org>, +81.466.49.1170

(also available in French and Japanese; see also translations in other languages)

http://www.w3.org/ -- 28 June 2005 -- W3C has approved the XML Key Management System 2.0 (XKMS 2.0, XKMS 2.0 Bindings) as a W3C Recommendation. XKMS 2.0 is part of the W3C XML Security Framework, which includes the XML Signature, XML Encryption, and Canonical XML Recommendations. XKMS, a cornerstone of Web applications security, adds public key management to the W3C XML Security Framework.

Key Management is Essential for Web Services Security

Web applications and services security rely on interoperable components that make it possible to sign, seal, encrypt, and exchange electronic documents. All of these functions rely on management and processing of public keys. Before XKMS, these services lacked openly specified, non-proprietary interfaces (APIs). Today, XKMS offers an open, standards-based interface to key management services that has already demonstrated its utility in distributed enterprise security applications.

XKMS 2.0 Makes PKI Work Better between Enterprises

XKMS 2.0 makes public key infrastructure (PKI) practical to implement in Web applications, including Web services. Standards-based key management enables one to communicate identity across applications and systems, including in Web services applications operating across different trust boundaries.

Traditionally, the common PKI operations (public key certificate management, localization, parsing, and validation operations) are difficult to integrate into existing applications because they add overhead and must be hard-coded for a given PKI. XKMS 2.0 improves PKI deployment by delegating those operations to a server by means of low overhead protocols. At the same time, it is open enough to be used with any public certificate format, chosen by developers to meet application requirements.

XKMS 2.0 Streamlines Enterprise-Level Applications

In real world scenarios, XKMS 2.0 systems streamline enterprise-level applications. All decisions as to the type of public key certificate format, revocation, and so on can be handled directly at the server and transparently to the applications themselves. This will not only help third parties provide PKI operations in an interoperable way, it will also allow companies to install their own XKMS 2.0 servers for applications pertaining to local intranets. Furthermore, enterprises running XKMS 2.0 servers can handle key exchange and management at the server level, rather than at the client level, which makes for a single point of coordination, rather than requiring clients within an enterprise to be aware of each other.

Security Experts, Industry Leaders Drive XKMS 2.0 Development

XKMS 2.0 was developed by the W3C XML Key Management Working Group, and included W3C Members DataPower, Microsoft, Nokia, Oracle, Sun Microsystems, VeriSign and webMethods, along with invited experts co-chairs Stephen Farrell and Shivaram Mysore, Guillermo Alvaro Rey, Berin Lautenbach, Tommy Lindberg, Roland Lockhart and Yunhao Zhang. For more information on implementation and support of the new Recommendation, please review the XKMS 2.0 testimonials.

About the World Wide Web Consortium [W3C]

The W3C was created to lead the Web to its full potential by developing common protocols that promote its evolution and ensure its interoperability. It is an international industry consortium jointly run by the MIT Computer Science and Artificial Intelligence Laboratory (MIT CSAIL) in the USA, the European Research Consortium for Informatics and Mathematics (ERCIM) headquartered in France and Keio University in Japan. Services provided by the Consortium include: a repository of information about the World Wide Web for developers and users, and various prototype and sample applications to demonstrate use of new technology. To date, nearly 400 organizations are Members of the Consortium. For more information see http://www.w3.org/