|
The XKMS specification defines two Web Services. The XML Key Registration Service Specification supports operations that manage the life cycle of public key credentials. The XML Key Information Service Specification (X-KISS) supports query operations that obtain and validate public key credentials. An XKMS service may support X-KRSS operations, X-KISS operations, or both.
Before discussing how X-KRSS and X-KISS allow public key credentials to be obtained and managed, we first consider the credentials themselves. XKMS is designed to provide an interface to any form of PKI. As such, the credentials managed by the PKI might have the form of X.509 certificates, PGP key signings, or possibly some new form of credential yet to be defined. In order to avoid committing XKMS to the design decisions of any one PKI, a new PKI credential is defined: the key binding association.
A key binding association is an assertion that the holder of the private key corresponding to a specified public key is associated with one or more identities and Internet protocol addresses.
This somewhat abstract definition is best explained by way of an example. If Bob holds the private key corresponding to the public key X, a key binding association might be created to state that fact. For the purposes of communicating with Internet users, a key binding association linking a public key to a real-world name is rather less useful than one that links the public key to an e-mail address, online chat service, or other form of Internet address.
For example, the following example of a key binding states that a particular set of RSA public key parameters (a modulus and exponent value) may be used with the protocol S/MIME (described in RFC 2633) for e-mail sent to or received from the e-mail address bob@bobcorp.test:
<KeyBinding> <KeyInfo> <ds:KeyValue> <ds:RSAKeyValue> <ds:Modulus>4i0BEhQ8Jc4tjwZYbvtMyYfBrIGOMx34K4Cdo2pAzo GnV679FLmGHWnQy2cSj39hf5D1mIaPyD3j/33TdfglTaaKqp7IPf6ei754fOuI/r1HpX7uq sw+j9LC4Z7GnG3yoY/eBJOZ8TRwMnx+MkwmopXPVLvhMWRyiUOcO3SEkTE=</ds:Modulus> <ds:Exponent>AQAB</ds:Exponent> </ds:RSAKeyValue> </ds:KeyValue> <UseKeyWith Application="urn:ietf:rfc:2633" Identifier="bob@bobcorp.test" /> </KeyBinding>
The XKMS key-binding element makes use of the KeyInfo element defined in XML Signature to specify the public key credentials. In this particular case, the public key credentials consist of the actual RSA public key parameters that an e-mail client would use to send encrypted e-mail to Bob. In the general case, however, the key binding may include any of the credentials supported by the XML Signature KeyInfo element—for example:
An X.509 certificate
A PGP key
A SPKI certificate
The actual cryptographic parameters of the key
A new public key credential type
A location from which any of the above may be obtained
The key binding associates the public key credential with additional information that allows an application to use it—for example:
The cryptographic functions allowed for use with the credential: signature, encryption, and key exchange
The application protocols that the credential may be used with such as S/MIME secure e-mail, SSL transport layer security, or IPSEC
The earliest time the key binding information is valid and the time at which it has expired
The status of the key binding information
XKMS defines four elements that define either an actual instance of a key binding or a request for a key binding to be found or created:
KeyBinding A key binding instance issued by a trusted source that has been validated by that issuer
UnverifiedKeyBinding A key binding instance issued by an untrusted source that requires verification
QueryKeyBinding A template used to request a key binding instance using query by example
PrototypeKeyBinding A template specifying the requested parameters of a key binding to be registered
Table 8-2 describes the members of the KeyBinding element.
Item | Description |
---|---|
Id@ | A unique identifier for the key binding |
Status | The key binding status |
Status/StatusValue@ | A QName that specifies the status of the key binding. Allowable values are xkms:Valid, xkms:Invalid, and xkms:Indeterminate |
Status/ValidReason Status/InvalidReason Status/IndeterminateReason | Optional elements that specify the aspects of the key binding status that were determined to be valid, invalid, and indeterminate |
ValidityInterval | The validity interval in which the particular instance of the key binding has the specified validity |
ValidityInterval/NotBefore@ | The time instant at which the validity interval begins |
ValidityInterval/NotOnOrAfter@ | The time instant at which the validity interval has ended |
KeyInfo | The public key credentials to which the key binding association relates. The credentials may be specified as an actual key value, an X.509 certificate, PGP key signing, or any other form of public key credential supported by the XML Signature specification |
KeyUsage | A QName that specifies the cryptographic key uses for which the key may be used. Allowable values are xkms:Encryption, xksm:Signature, and xkms:Exchange |
UseKeyWith | The UseKeyWith element specifies a particular application and identifier with which the credentials specified in the key binding may be used |
UseKeyWith/Application | A URI that specifies the application protocol with which the credential may be used. The specification defines values to be used for commonly used security protocols such as S/MIME, SSL, and IPSEC; other protocols may be specified by defining an appropriate URI |
UseKeyWith/Identifier | Specifies the subject to which the credential corresponds within the specified application protocol |
PolicyIdentifier/Policy@ | A URI identifying the issuance policy |
The XKMS protocol is essentially a request-response protocol layered on SOAP, with optional embellishments described at the end of the chapter.
The request and result messages used in the individual XKMS operations share a common format. These common members are defined in Table 8-3.
Item | Description |
---|---|
Id@ | A unique identifier for the message |
Service@ | The service URI of the XKMS service |
Nonce@ | Randomly generated information that is used in the extended protocol processing options to defeat replay and denial of service attacks |
ds:Signature | An enveloped XML Signature that authenticates the XKMS message |
OpaqueClientData | Optional information supplied by the client in a request that is returned unmodified in the response |
Additional members are defined for request messages, allowing the client to specify the protocol options it supports, the types of and maximum quantity of information to be provided in the response, and additional information used in the extended protocol options. These additional members are described in Table 8-4.
Item | Description |
---|---|
ResponseMechanism | Specifies any extended protocol options supported by the client for this request, such as asynchronous processing or the two-phase protocol. Multiple ResponseMechanism values may be specified |
RespondWith | Specifies a data type that the client requests be present in the response, such as a key value, an X.509 certificate, or a certificate chain. Multiple RespondWith values may be specified |
PendingNotification | Optionally specifies a means of notifying completion of the operation when asynchronous processing is used |
OriginalRequestID@ | This attribute is used in the extended protocol to specify the Id attribute of the initial request in a multistage request |
ResponseLimit@ | The maximum number of key binding elements that the service should return in a response |
Additional members are defined for request messages, allowing the service to specify the result of the operation (success, failure, and so on) and binding the request to the response by means of the request Id. These additional members are described in Table 8-5.
Item | Description |
---|---|
ResultMajor | The principal result code of the XKMS operation |
ResultMinor | The secondary result code of the XKMS operation, giving additional information such as a reason for the result |
RequestId | The Id attribute of the corresponding request |
|