Abstract:
This article introduces XKMS (XML Key Management Specification), gives an implementation of LDAP-based XKMS service. It uses improved mechanism of certificate revocation status and optimized data structure of LDAP directory and LDAP connection to support XKMS service. The XKMS service can provide key/certificate service for the application which is based on XML digital signature or XML encryption.
Key words:
XML key management specification (XKMS),
Lightweight directory access protocol (LDAP),
Public key infrastructure (PKI),
Web service
摘要: 介绍了XKMS规范,给出了一个基于LDAP目录服务的XKMS服务的实现过程。通过改进证书撤销状态验证机制以及对LDAP目录结构和数据连接的优化来更好地支持XKMS服务。实现的XKMS服务可以为基于XML数字签名或XML加密标准的应用程序提供良好的密钥/证书服务。
关键词:
XML密钥管理规范,
轻量级目录访问协议,
公钥基础设施,
Web服务
ZHONG Qiuyan; WANG Yuehong. Research and Implementation of LDAP-based XKMS Service[J]. Computer Engineering, 2007, 33(05): 149-151.
仲秋雁;王岳宏. 基于LDAP的XKMS服务的研究与实现[J]. 计算机工程, 2007, 33(05): 149-151.