XKMS - XML Key Management Specification - Yenra

XML-based Specification to Enable Interoperable Digital Signatures and Encryption for B2B and B2C Transactions

VeriSign, Microsoft, and webMethods today introduced a breakthrough XML-based framework -- the XML Key Management Specification (XKMS) -- to enable a broad range of software developers to seamlessly integrate digital signatures and data encryption into e-commerce applications. To accelerate the development of applications incorporating these advanced technologies, the XKMS specification -- jointly designed and prototyped by VeriSign, Microsoft and webMethods with industry support from other technology leaders -- was made publicly available today and will be submitted to the appropriate Web standards bodies for consideration as an open Internet standard. In addition, XKMS will be built into the Microsoft(R) .NET architecture to ensure broad and rapid adoption of this framework in both B2B and B2C environments.

The new XKMS specification revolutionizes the development of trusted B2B and B2C applications by introducing an open framework that enables virtually any developer to easily access applications from any public key infrastructure products and services. With the XKMS specification, developers are able to integrate advanced technologies such as digital signature handling and encryption into their web-based applications. The XKMS specification promotes the interoperability of advanced technologies because it is based on XML, a rapidly growing standard for application development.

"For the next generation of e-commerce applications to truly support high-value transactions, the handling of digital keys for online authentication, digital signatures and data encryption must be simple to integrate and must interoperate across a broad range of enterprise applications," said Warwick Ford, Chief Technology Officer for VeriSign. "Together with our partners Microsoft and webMethods, we are pleased to make public the XKMS specification to fast-track the development of new and exciting Internet applications."

Currently, developers choosing to enable applications to handle digital keys for authentication and digital signatures are often required to purchase and integrate specialized toolkits from a Public Key Infrastructure (PKI) software vendor which only interoperate with that vendor's PKI offerings. Functions such as digital certificate processing, revocation status checking, and certification path location and validation are all built into the application via the toolkit. With the new XKMS specification, those functions are no longer built into the application but instead reside in servers that can be accessed via easily programmed XML transactions. The XKMS architecture, along with the recently drafted XML digital signature standards and the emerging XML encryption standard, provides a complete framework for ensuring broad interoperability across applications developed by enterprises, B2B exchanges and other Internet communities of interest. XKMS is also compatible with the emerging standards for Web Services Description Language (WSDL) and Simple Object Access Protocol (SOAP).

"As the demand for emerging Internet applications continues to grow, the need to build and offer secure services for changing technologies, such as XML, is becoming more and more critical," said David Turner, product manager for XML Technologies at Microsoft Corp. "XKMS, which will be built into the Microsoft .NET architecture, will revolutionize the way developers incorporate trust services into their XML applications by enabling integration through a single and open interface in a matter of days while avoiding the need for specialized software toolkits."

"A new standard for the XML-based trust services architecture will enable trust through stronger authentication and will ultimately help deliver XML's promise of expanded e-commerce across the board -- thus making B2B integration technology faster and easier to deploy, as well as making massive industrial exchanges more manageable," said Jeremy Epstein, Principal Security Architect, webMethods.