iaik.xkms
Interface ValidateRequest

All Superinterfaces:

XKISSRequest, XMessageAbstractType, XRequestAbstractType

public interface ValidateRequest
extends XKISSRequest

Request key information and expect assertion to specific validation criteria.

[153] The X-KISS Validate Service allows all that the Locate Service does, and in addition, the client may obtain an assertion specifying the status of the binding between the public key and other data, for example a name or a set of extended attributes. Furthermore the service represents that the status of each of the data elements returned is valid and that all are bound to the same public key. The client sends to the XKMS service a prototype containing some or all of the elements for which the status of the key binding is required. If the information in the prototype is incomplete, the XKMS service MAY obtain additional data required from an underlying PKI Service. Once the validity of the key binding has been determined the XKMS service returns the status result to the client

[161] A Validation service undertakes to only return information which has been positively validated by the XKMS Service as meeting specific validation criteria. A client MAY rely on the information returned by the service without further validation provided that the client has a means to determine that the information returned is authentic and is assured that the validation service applied the means of validation appropriate to the circumstances.

[162] The Validate service provides a key discovery and validation function that produces a results which are each specific to a single set of validation criteria.

[223] The Validate service allows the client to query the binding between a <ds:KeyInfo> element and other data such as an identifier. The client supplies a prototype for the key binding requested. The prototype may specify either a <ds:KeyInfo> element or one or more <UseKeyWith> elements or both. If the validate request is successful the server returns one or more <KeyBinding> elements that meet the criteria specified in the request.

[224] The validate request message contains a <ValidateRequest> element:
<QueryKeyBinding> [Required]
The key binding query to be matched in the response.

Method Summary

Methods inherited from interface XKISSRequest

getQueryKeyBinding, setQueryKeyBinding

Methods inherited from interface XRequestAbstractType

acceptPending, acceptRepresent, acceptRequestSignatureValue, addRespondWith, addResponseMechanism, getOriginalRequestId, getPendingNotification, getRespondWith, getResponseLimit, getResponseMechanism, removeRespondWith, removeResponseMechanism, setOriginalRequestId, setPendingNotification, setResponseLimit

Methods inherited from interface XMessageAbstractType

addDefaults, addOpaqueClientData, clearOpaqueClientData, getId, getMessageName, getNonce, getOpaqueClientData, getRequestSignatureValue, getService, getSignatureCertificate, hasSignature, isValid, setId, setNonce, setService, setSignature, toString