Cryptographic security is based on keys. Both authentication (covered in Part III) and confidentiality (covered in Part V) depend on keying and use the KeyInfo XML element, which is described in depth in Chapter 13.
A wide variety of keys exist: some are shared, some come in private/public pairs, and some are dynamically agreed to by the communicating parties. For many systems, the task of locating the key needed and determining that it is currently valid and trusted can prove complex and difficult. To offload this task from lightweight clients, such as personal digital assistants (PDAs), an XML Key Management protocol is under development. Chapter 14 gives an overview of the state of that ongoing effort.