[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: S2ML 0.7a questions
Hi, I have just gone thrue the S2ML 0.7a draft. Unfortunately I have severe problems understanding how it works when applied to the very interesting User-Driven Scenario described on page #3 and I wonder if anyone can help me? 1. After the user have clicked on the SiteB link a number of things happen which is only very briefly described. In Particular: "The security token that travels with the user as a HTTP-header" How do browser clients transport server-initiated HTTP-header data to SiteB after what I assume must be a HTTP 301 - redirect? 2. Regarding HTTP-binding (page25) I have difficulties understanding what is going on. "The receiver will decrypt and verify the S2ML header payload". Does this imply that the receiver has a shared key with the sender? How can it verify? Against what? Best Regards Anders Rundgren +46 70-6277437
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC