摘要
XML密钥管理规范XKMS是基于XML的PKI,具有XML的互操作性和PKI的安全性等特点。它包括XML密钥注册服务规范X-KRSS和XML密钥信息服务规范X-KISS两部分,能提供公钥的注册、验证、查询、撤消、恢复等功能。XKMS支持客户端把公钥信息的处理委托给信任服务,降低了客户端配置的复杂度,有利于PKI的大规模部署。同时PKI和XML的互补,为应用提供了可以互操作的安全基础设施。
XML Key Management Specification(XKMS) is a XML-based PKI, it has the interoperability ofXML and the security of PKI. XKMS consists of XML KeyRegistration Service Specification (X-KRSS) and XML KeyInformation Service Specification (X-KISS), which providethe public key registration, validation, location, revocationand recovery functions. XKMS allows a client to delegatepublic key information to a Trust service, and lowers thecomplexity of the client configuration ,which makes for thedeployment of the PKI on a large scale. At the same time,XML and PKI complement each other provides aninteroperable security infrastructure for applications.
出处
《信息技术与标准化》
2003年第8期19-21,共3页
Information Technology & Standardization
