1st Annual PKI Research Workshop: XKMS Panel www.cs.dartmouth.edu/~pki02/XKMS-panel.shtml
Last modified: 08/03/02 05:16:40 PM

Summary by Ben Chinowsky, Internet2

Phillip Hallam-Baker, one of the architects of XKMS, opened the discussion by describing the central idea of XKMS as to remove complexity — especially the complexity of path discovery — from the client, so that it doesn't have to be concerned with anything more than "I want to talk to Alice." While agreeing that XKMS could prove useful in hiding complexity from the user, and that offloading path validation might be useful in enabling PKI on computationally weak devices such as cell phones, Tim Polk countered that most desktop machines can handle path validation just fine. Polk is also suspicious of "unified field theories" in general, and XKMS's aspiration to be the unified field theory for PKI in particular. He's also skeptical about the claim that XML is superior to ASN.1 as a format for PKI — while ASN.1 is complex, so is XML, and ASN.1 is "the devil we know," as well as being better at describing "bit-for-bit identity." Blair Dillaway, another coauthor of the XKMS technical note (www.w3.org/TR/xkms/), cited Microsoft's interest in using XKMS to develop its digital rights management and delegation system, which is based on XRML, in a more open and flexible direction. MIT's Dan Greenwood argued that XKMS fails to address key business and legal issues. While "public key technologies are best tailored to support and reflect existing business and legal infrastructures — that is where trust is created," XKMS appears to be centrally concerned with "stranger to stranger" authentication. Greenwood cited LegalXML and his own actuarinet.mit.edu as exemplifying a better approach.

Eric Norman opened the questions by asking, "what is trust?" Hallam-Baker replied that trust is quantification of risk. Greenwood objected that, while it would be nice if a workable definition of trust could be so simple, the concepts of a trusted third party and nonrepudiation are also necessary. Tim Polk concurred that there is an irreducibly subjective and unquantifiable aspect to trust — we just have to live with it. Hallam-Baker noted that XKMS tools are now available in VeriSign's Trust Services Integration Kit, and stressed the importance of SOAP as the key to interoperability among SAML, GXA and other standards for security information.


Back to Home Page Maintained by Sean Smith, sws@cs.dartmouth.edu