14.2 XKMS Common Data Elements

Previous page
Table of content
Next page

XKMS makes heavy use of a variety of elements from XML Digital Signature. For the additional structures it defines, all values are sent as element data.

Some common data elements are described in this section.

xkms:ResultCode

You use ResultCode an enumerated type to return result codes.

 <simpleType name="ResultCode">    <restriction base="string">       <enumeration value="Success"/>       <enumeration value="NoMatch"/>       <enumeration value="Incomplete"/>       <enumeration value="Failure"/>       <enumeration value="Refused"/>       <enumeration value="Pending"/>    </restriction> </simpleType>

  • "NoMatch" means the search prototype could not be found.

  • "Incomplete" means that only part of the requested information could be provided.

  • "Failure" does not specify a reason for failure.

  • "Pending" means that operation was queued for future processing.

xkms:AssertionStatus

You use the AssertionStatus element in responses to indicate the status of an assertion such as a key binding.

 <simpleType name="AssertionStatus" base="string">    <enumeration value="Valid"/>    <enumeration value="Invalid"/>    <enumeration value="Indeterminate"/> </simpleType>

xkms:Reason

The Reason element provides further details on the xkms:AssertionStatus. If the assertion status is "Valid" or "Indeterminate," this element lists those status aspects that have been determined to be "Valid" or "Indeterminate," respectively. If the assertion status was "Invalid," it lists the aspects that are either "Invalid" or "Indeterminate." Table 14-1 defines aspects of the XKMS Reason string.

Table 14-1. XKMS Reason Strings
Aspect String Definition
IssuerTrust The trust service believes in the assertion issuer.
Status The trust service has positively verified the status of the assertion with sources that it trusts, such as verified certificate revocation lists or an online certificate status server.
ValidityInterval The validity interval of the assertion includes the request.
Signature The signature (or signed data, such as a certificate) was verified.

xkms:Respond

The Respond element in a request specifies, through one or more strings, the elements desired in the response. They consist of XMLDSIG elements or the private key element specified in Section 14.4.2. An XKMS service may return additional data not requested. See Table 14-2.

The schema for the xkms:Respond element follows:

 Schema Definition: <element name="Respond" >    <complexType>       <sequence>          <element name="string" type="string"                   minOccurs="0"                   maxOccurs="unbounded"/>       </sequence>    </complexType> </element>

Previous page
Table of content
Next page
Secure XML(c) The New Syntax for Signatures and Encryption
Secure XML: The New Syntax for Signatures and Encryption
ISBN: 0201756056
EAN: 2147483647
Year: 2005
Pages: 186
Authors: Donald E. Eastlake, Kitty Niles
BUY ON AMAZON
Developing Tablet PC Applications (Charles River Media Programming)
Competency-Based Human Resource Management
Lotus Notes Developers Toolbox: Tips for Rapid and Successful Deployment
Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
802.11 Wireless Networks: The Definitive Guide, Second Edition
The Lean Six Sigma Pocket Toolbook. A Quick Reference Guide to Nearly 100 Tools for Improving Process Quality, Speed, and Complexity
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy