Technical Summary
DSKPP is a client-server protocol for initialization (and
configuration) of symmetric keys to locally and remotely accessible
cryptographic modules. The protocol can be run with or without
private-key capabilities in the cryptographic modules, and with or
without an established public-key infrastructure.
Two variations of the protocol support multiple usage scenarios.
With the four-pass variant, keys are mutually generated by the
provisioning server and cryptographic module; provisioned keys are
not transferred over-the-wire or over-the-air. The two-pass variant
enables secure and efficient download and installation of pre-
generated symmetric keys to a cryptographic module.
Working Group Summary
I would note that we seem to have had more discussion of issues
connected with XML style and semantics than on the problem. In
particular there does not seem to be a perfect answer to the
problem of how to manage versioning of XML protocols.
Media type review was initiated 4/22 by the AD.
Document Quality
The document is a product of the KEYPROV working group.
Personnel
Document Shepherd is Phillip Hallam-Baker. Tim Polk is
the responsible AD.
RFC Editor Note
Note that RFC 2781 should be an informative reference; the normative reference should be ISO 10646.
Reference as written in RFC 2781.
[ISO-10646] ISO/IEC 10646-1:1993. International Standard --
Information technology -- Universal Multiple-Octet
Coded Character Set (UCS) -- Part 1: Architecture and
Basic Multilingual Plane. 22 amendments and two
technical corrigenda have been published up to now.
UTF-16 is described in Annex Q, published as Amendment
1. Many other amendments are currently at various
stages of standardization. A second edition is in
preparation, probably to be published in 2000; in this
new edition, UTF-16 will probably be described in Annex
C.
Probably should refer to ISO 10646:2003???