This article has multiple issues. Please helpimprove it or discuss these issues on thetalk page.(Learn how and when to remove these messages) This article includes alist of references,related reading, orexternal links,but its sources remain unclear because it lacksinline citations. Please helpimprove this article byintroducing more precise citations.(September 2017) (Learn how and when to remove this message) This articlerelies excessively onreferences toprimary sources. Please improve this article by addingsecondary or tertiary sources. Find sources: "XKMS" – news ·newspapers ·books ·scholar ·JSTOR(September 2017) (Learn how and when to remove this message) (Learn how and when to remove this message)

XML Key Management Specification (XKMS) uses theweb services framework to make it easier for developers to secure inter-application communication usingpublic key infrastructure (PKI).XML Key Management Specification is a protocol developed byW3C which describes the distribution and registration of public keys. Services can access an XKMS compliantserver in order to receive updated key information forencryption and authentication.

XKMS consists of two parts:

X-KISS

XML Key Information Service Specification

X-KRSS

XML Key Registration Service Specification

The X-KRSS defines the protocols needed to register public key information. X-KRSS can generate the key material, making key recovery easier than when created manually.

The X-KISS outlines the syntax that applications should use to delegate some or all of the tasks needed to process the key information element of an XML signature to a trust service.

In both cases the goal of XKMS is to allow all the complexity of traditional PKI implementations to be offloaded from the client to an external service. While this approach was originally suggested by Diffie and Hellman in their New Directions paper this was generally considered impractical at the time leading to commercial development focusing on the certificate based approach proposed byLoren Kohnfelder.

The team that developed the original XKMS proposal submitted to the W3C includedWarwick Ford,Phillip Hallam-Baker (editor) andBrian LaMacchia. The architectural approach is closely related to the MIT PGP Key server originally created and maintained by Brian LaMacchia. The realization in XML is closely related toSAML, the first edition of which was also edited by Hallam-Baker.

At the time XKMS was proposed no security infrastructure was defined for the then entirely newSOAP protocol for Web Services. As a result, a large part of the XKMS specification is concerned with the definition of security 'bindings' for specific Web Services protocols.

• XML Signature andXML Encryption, two other W3C standards used by the XKMS protocol.

• XKMS at SQLData
• XKMS at the W3C
• XKMS at Entrust
• XKMS at Markup Security

• Cryptographic protocols
• Computer network security
• Cryptography standards
• XML-based standards

• Articles with short description
• Short description matches Wikidata
• Articles lacking in-text citations from September 2017
• All articles lacking in-text citations
• Articles lacking reliable references from September 2017
• All articles lacking reliable references
• Articles with multiple maintenance issues