OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: Core 10 Draft document


All,

	As promised a preliminary draft with the changes to the spec from
the whiteboard and the revised schema.

	The schema has been changed somewhat, however all the changes are to
fix obvious bugs or to reorder elements so that the schema matches the order
of the document.

	The errors fixed were to remove the definition of elements of
certain abstract types that are not intended for actual use (Assertion,
Request, Response) and to create elements of the three defined assertion
types.

	I also removed the author list since the schema is in the draft that
has a separate author list.

	Some remaining issues:

1) HolderOfKey in place of Authenticator
	This was discussed at the F2F but I don't think that there was a
consensus to change. HolderOfKey is tied to the idea of cryptographic
Authentication, what about biometrics?

2) Abstract AuthenticatorData type
	The Authenticator/HolderOfKey element has a slot for opaque data for
use with specific auth schemes. It was pointed out that this should probably
be extensible in the same manner as other elements.

3) Use of element/ref definitions
	Still some work to be done here, when to use a ref and when to
define an element type?

4) AcceptXMLNS
	See my earlier post, we need a mechanism to allow the client to tell
the server what syntactic extensions are understood. Some may argue we also
need a means of allowing the client to communicate different semantic
interpretation of the data, however if so (I am doubtful) that would be a
separate dimension.

5) Descriptive text
	Quite a few elements are lacking descriptive text, will take this
from wherever it can be found for the core11 draft.

Phillip Hallam-Baker FBCS C.Eng.
Principal Scientist
VeriSign Inc.
pbaker@verisign.com
781 245 6996 x227

Phillip Hallam-Baker (E-mail).vcf

draft-sstc-core-10.doc



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC