[jira] [Updated] (CXF-5001) Support XKMS 2.0

Tue, 21 May 2013 00:51:20 -0700 

     [ 
https://issues.apache.org/jira/browse/CXF-5001?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrei Shakirin updated CXF-5001:
---------------------------------

    Affects Version/s: 3.0.0
        Fix Version/s: 3.0.0
    
> Support XKMS 2.0
> ----------------
>
>                 Key: CXF-5001
>                 URL: https://issues.apache.org/jira/browse/CXF-5001
>             Project: CXF
>          Issue Type: New Feature
>          Components: Services
>    Affects Versions: 3.0.0
>            Reporter: Andrei Shakirin
>            Assignee: Andrei Shakirin
>             Fix For: 3.0.0
>
>         Attachments: xkms.patch
>
>
> Talend is happy to donate the initial XKMS 2.0 implementation to Apache CXF 
> as part of this Jira.
> XKMS will be contributed as a service (like STS and WS-Discovery) providing 
> standardized access to central public key infrastructure (PKI) including 
> lookup, validation, registration, reissuing and revocation of public keys.
> XKMS will help users to manage their certificates centrally instead storing 
> them into local keystores, that IMO best practice for middle/large service 
> landscapes.
> I tried to describe the use case, architecture and design of XKMS Service in 
> CXF wiki:
> https://cwiki.apache.org/confluence/display/CXF20DOC/XML+Key+Management+Service+%28XKMS%29
> and in the blog: 
> http://ashakirin.blogspot.de/2013/04/cxf-security-getting-certificates-from.html
>  .
> Attached is the initial draft of XKMS service implementation supporting X509 
> public keys, simple File and LDAP storages and providing Web and OSGi 
> deployment. Suggested target CXF release for XKMS service will be 3.0. Code 
> was designed and implemented by me together with Christian Schneider 
> (cschneider), reviewed and refactored by Jan Bernhard (jbernhard) and donated 
> by Talend company.
> Any feedback for this code is welcome. The next tasks will be support 
> revocation lists, complete validate operation for trusted chains, extend 
> system tests, support new key storages.
> Regards,
> Andrei.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to