How does XDI address the complex security issues involved with cross-domain data sharing?
XDI is not a magic bullet for Internet security infrastructure. However it does introduce several potential new building blocks for such infrastructure, including: 1) a common scheme for persistent identification of data and data authorities (XRIs), 2) a common XML representation format for data interchange (the XDI meta-schema), and 3) machine-readable link contracts that can include publish-subscribe synchronization of security attributes, such as public key certificates. In addition, an XRI secure resolution protocol is under development by the OASIS XRI TC. Contributors to this effort believe that a broadly distributed public key infrastructure (PKI) may be an ideal Dataweb application. Certificate authorities and registration authorities could operate as Dataweb sites, and certificates could be shared, revoked, and updated using XDI link contracts. In any case, when XDI is bound to SOAP, the resulting Web service can apply existing and emerging Web services security standards, inc
