Open Issues AuthData and ProvisioningData are opaque Details are left to the application AuthData and ProvisioningData are Mandatory fields If these parameters are added to the protocol, should they remain in the CT-KIP WS definition? Advantage is it allows authentication to be maintained within the Web session. If so, then these parameters should be made Optional CT-KIP request and response PDUs are Base64 encoded blobs, which hide PDU details Intent was for PDUs to be encapsulated by the SOAP messages PDUs are sent as XML Strings Design supports cryptographic tokens with small footprints and performance optimization Version information is missing |