Note

Date: Mar. 30, 2001
Link: http://www.w3.org/TR/xkms/
Source Author or Organization: VeriSign Inc, Microsoft Corporation, webMethods Inc.

XML Key Management Specification (XKMS) defines protocols for the registration and distribution of public keys. The keys may be used with XML Signatures, a future XML Encryption specification, or other public key applications for secure messaging.

XKMS is comprised of the XML Key Registration Service Specification (X-KRSS) and the XML Key Information Service Specification (X-KISS). Both protocols utilize Simple Object Access Protocol (SOAP), and Web Services Definition Language (WSDL) is used to define message relationships. The X-KRSS and X-KISS protocols are expressed using the W3C's XML Schema Language.

Web services using X-KRSS may accept registration of public key information. After a key pair is registered, it is usable via X-KISS or a higher level trust assertion such as XML Trust Assertion Service Specification (XTASS). X-KISS provides a trust service for resolution of public key information within XML Signature elements. This enables the client to delegate processing of the associated key information.

No underlying public key infrastructure is required, but the protocols are compatible with several, including Pretty Good Privacy (PGP), Public Key Infrastructure X.509 (PKIX) and Simple Public Key Infrastructure (SPKI).