[jira] [Updated] (CXF-5001) Support XKMS 2.0

Sun, 05 May 2013 00:56:17 -0700 

     [ 
https://issues.apache.org/jira/browse/CXF-5001?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrei Shakirin updated CXF-5001:
---------------------------------

    Attachment: xkms.patch
    
> Support XKMS 2.0
> ----------------
>
>                 Key: CXF-5001
>                 URL: https://issues.apache.org/jira/browse/CXF-5001
>             Project: CXF
>          Issue Type: New Feature
>          Components: Services
>            Reporter: Andrei Shakirin
>         Attachments: xkms.patch
>
>
> As it was already announced in 
> http://cxf.547215.n5.nabble.com/Thoughts-about-a-2-8-release-or-not-td5725179.html,
>  it could be useful to extend CXF security with support of XKMS 2.0 standard.
> XKMS will be contributed as a service (like STS and WS-Discovery) providing 
> standardized access to central public key infrastructure (PKI) including 
> lookup, validation, registration, reissuing and revocation of public keys.
> XKMS will help users to manage their certificates centrally instead storing 
> them into local keystores, that IMO best practice for middle/large service 
> landscapes.
> I have tried to describe the use case, architecture and design of XKMS 
> Service in CXF wiki:
> https://cwiki.apache.org/confluence/display/CXF20DOC/XML+Key+Management+Service+%28XKMS%29
> and in the blog: 
> http://ashakirin.blogspot.de/2013/04/cxf-security-getting-certificates-from.htm
>  .
> Attached is the first draft of XKMS service implementation supporting simple 
> File and LDAP storages and providing Web and OSGi deployment. Suggested 
> target CXF release for XKMS service will be 3.0. Code was designed and 
> implemented by me together with Christian Schneider (cschneider), reviewed 
> and refactored by Jan Bernhard (jbernhard) and donated by Talend company.
> Any feedback for this code is welcome. The next tasks will be support 
> revocation lists, complete validate operation for trusted chains, extend 
> system tests, support new key storages.
> Regards,
> Andrei.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to