[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [dss] Authentication requirement and having separate bindings/profiles
A while back, Robert suggested a requirement about authentication - http://lists.oasis-open.org/archives/dss/200301/msg00032.html Where do we stand on that? What about doing like SAML, and having a "Core" protocol spec which needs "Bindings and Profiles" to nail down bindings details for the core protocol (such as transport, security, and authentication); and to nail down profile details for how the signatures that the core protocol produces are incorporated into application protocols. For example, a binding for using DSS to produce signed emails might use HTTP or BEEP as a transport, and TLS and SASL for security. A binding for using DSS to protect XML documents might use SOAP as a transport, and WS-Security and/or SAML for security. Trevor ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]