Key management
Key information is very complex:
keys should be “managed” (registered, revoked, etc)
often done by public or private service providers
complex “trust policy” must be established
XML Sig/Enc includes information about a key, but…
it is not obligatory
it is not clear whether the key can be trusted
The client may use X-KISS
XML Key Information Service Specification
client is relieved from the complexity of key checking
Ivan Herman
, W3C Head of Offices
© 1994-2004, W3C (MIT,ERCIM,Keio)
$Date: 2004/03/11 12:07:24 $
17 (20)
