Return-Path: 
 <issues-return-25439-apmail-cxf-issues-archive=cxf.apache.org@cxf.apache.org>
X-Original-To: apmail-cxf-issues-archive@www.apache.org
Delivered-To: apmail-cxf-issues-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id B64E210D02
	for <apmail-cxf-issues-archive@www.apache.org>;
 Sun,  5 May 2013 07:56:16 +0000 (UTC)
Received: (qmail 33066 invoked by uid 500); 5 May 2013 07:56:16 -0000
Delivered-To: apmail-cxf-issues-archive@cxf.apache.org
Received: (qmail 32879 invoked by uid 500); 5 May 2013 07:56:16 -0000
Mailing-List: contact issues-help@cxf.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:issues-help@cxf.apache.org>
List-Unsubscribe: <mailto:issues-unsubscribe@cxf.apache.org>
List-Post: <mailto:issues@cxf.apache.org>
List-Id: <issues.cxf.apache.org>
Reply-To: dev@cxf.apache.org
Delivered-To: mailing list issues@cxf.apache.org
Received: (qmail 32823 invoked by uid 99); 5 May 2013 07:56:16 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 05 May 2013 07:56:16 +0000
Date: Sun, 5 May 2013 07:56:15 +0000 (UTC)
From: "Andrei Shakirin (JIRA)" <jira@apache.org>
To: issues@cxf.apache.org
Message-ID: <JIRA.12646119.1367740376041.270504.1367740575911@arcas>
In-Reply-To: <JIRA.12646119.1367740376041@arcas>
References: <JIRA.12646119.1367740376041@arcas>
Subject: [jira] [Updated] (CXF-5001) Support XKMS 2.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


     [ https://issues.apache.org/jira/browse/CXF-5001?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andrei Shakirin updated CXF-5001:
---------------------------------

    Attachment: xkms.patch
    
> Support XKMS 2.0
> ----------------
>
>                 Key: CXF-5001
>                 URL: https://issues.apache.org/jira/browse/CXF-5001
>             Project: CXF
>          Issue Type: New Feature
>          Components: Services
>            Reporter: Andrei Shakirin
>         Attachments: xkms.patch
>
>
> As it was already announced in http://cxf.547215.n5.nabble.com/Thoughts-about-a-2-8-release-or-not-td5725179.html, it could be useful to extend CXF security with support of XKMS 2.0 standard.
> XKMS will be contributed as a service (like STS and WS-Discovery) providing standardized access to central public key infrastructure (PKI) including lookup, validation, registration, reissuing and revocation of public keys.
> XKMS will help users to manage their certificates centrally instead storing them into local keystores, that IMO best practice for middle/large service landscapes.
> I have tried to describe the use case, architecture and design of XKMS Service in CXF wiki:
> https://cwiki.apache.org/confluence/display/CXF20DOC/XML+Key+Management+Service+%28XKMS%29
> and in the blog: http://ashakirin.blogspot.de/2013/04/cxf-security-getting-certificates-from.htm .
> Attached is the first draft of XKMS service implementation supporting simple File and LDAP storages and providing Web and OSGi deployment. Suggested target CXF release for XKMS service will be 3.0. Code was designed and implemented by me together with Christian Schneider (cschneider), reviewed and refactored by Jan Bernhard (jbernhard) and donated by Talend company.
> Any feedback for this code is welcome. The next tasks will be support revocation lists, complete validate operation for trusted chains, extend system tests, support new key storages.
> Regards,
> Andrei.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira