security-services message
Subject: RE: Request for clarification
- From: Hal Lockhart <hal.lockhart@entegrity.com>
- To: "'Kawamoto, Shirley'" <SKawamoto@hitachisoftware.com>,"Security-Services (E-mail) (E-mail)" <security-services@lists.oasis-open.org>
- Date: Thu, 26 Jul 2001 11:21:34 -0400
you will see that what you are asking about is a Credentials Assertion.
The Authentication Assertion is a report of an authentication event which occurred in the past. The request for an Authentication Assertion is not in and of itself an authentication act.
The TC voted to break off the work activity around the Credentials Collector and Credentials Assertion into a separate sub group. This group is being led by Stephen Farrell. There have been no recent reports of progress by this group. If you are interested in this area you might want to contact Stephen and offer to help.
The way SAML is intended to work at the moment is the authentication occurs between the System Entity (typically a user) making a request and the Authentication Authority, by means specified outside of SAML, e.g. HTTP basic authentication, SSL with client certificates, etc. Other entities can request an Authentication Assertion describing that event as well as Attribute Assertions describing the System Entity.
Hal
As someone who is new to this group, I hope you'll forgive me for asking some questions that may have some obvious answers.
If a user is authenticating via userID and password, where is the password passed in the authentication query? What form does it take?
If a user is being authenticated with public key techniques (but something other than SSL client authentication) where are the challenge and the signature on the challenge stored? What form do they take?
Thanks,
Shirley