[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-services] [sec cons] notes on possibly relevant threads
I have been keeping some informal notes on discussion threads on the lists that're relevant wrt security considerations. I'd mentioned to Chris that I'd pass 'em along as part of his taking on the sec cons work, so here they are. these were meant to be used by myself, so they're admittedly cryptic, and (NOTE) don't encompass discussions that've happened since late Aug, and might not be complete or particularly relevant any longer (i.e. superseded). Your mileage may vary, etc. The threads are identified by subject line patterns I use to search my repository of security-*@oasis* msgs. Most threads are on the security-services list, but some might be on -bindings or -consider (I sort 'em all into one place, so I don't worry too much about which list). Some specific threads that I was looking at while putting draft-sstc-sec-consider-00 together have dates noted so I could be sure to ident the precise msg. Also, these notes aren't in any particular order. I suppose that at a minimum, going thru these threads is an act of due-diligence -- ensuring that all security-relevant notions that've been brought up in our discussions are duly noted in the security considerations doc/sections-of-docs. Again, our milage may vary, this isn't a complete list, portions may/are superseded, etc. thanks, JeffH ------ subject: *xml security gap* <-- sec consider & xmldsig subject: *digital signing in saml* <-- subject: Note on digital signing in saml* <-- subject: *encryp* subject: Defective sign & encrypt vis-a-vis SAML? <-- sec consider subject: *browser* <-- sec consider subject: Comparison of the two web browser discussions to: bindings <-- sec consider subject: *minut* <-- (at least one of the minutes of the bindings group had some sec cons discussions) subject: *artifact* <-- subject: *shibb artifact* <-- explicit sec cons Mon, 13 Aug 2001 15:07:47 -0400 mishra subject: *sec-consider-00* <-- explicit sec cons Tue, 14 Aug 2001 09:32:51 -0400 moses subject: *one time use saml artifact* <-- explicit sec cons Wed, 15 Aug 2001 10:14:25 -0400 mishra <-- expl. Priv Cons Subject: *InterCall Confirmation of Conference Call Reservation * Wed, 15 Aug 2001 18:17:43 -0400 section 4.1.5 of bindings-model-05 <-- explicit sec cons subject: *holderofkey* <--- sec cons? subject: First Contact <-- sec consider subject: RE: Consensus Draft schema and discussion papers (moses) subject: Update: Contributed doc. browser bindings incl. Shibboleth subject: protocol bindings <-- sec consider from: godik ------ end
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC