OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [saml-dev] searching for a use case

 

> Okay, I'll accept that the middle endpoint could be inside 
> the firewall.  Can you give a real-world example of what this 
> endpoint might do?  Why is it in the middle?

TLS hardware (e.g. a standalone device that does TLS very well).

That said, I don't think this is the only possibility.   Even on
systems where the TLS endpoint is on the same system, there are 
still application and web server layers that you typically pass
through before you get to the actual entity that is processing
the data and there can be environments where they want this 
extra layer of protection).

Note that I'm not saying I would do this or recommend this.  Just
trying to rationalize how the spec reads to me.  

If I remember correctly this profile was developed with a 
particular governemnt application in mind and they claimed
to need this capability.  

Conor

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]