[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] Changes for Core 26
Steve, I don't understand your problem, the PEP will ask for the relevant resource and will know how it applies its case sensitivity rules. If FRED and fred are equivalent it will know that. Phill Phillip Hallam-Baker FBCS C.Eng. Principal Scientist VeriSign Inc. pbaker@verisign.com 781 245 6996 x227 > -----Original Message----- > From: Stephen Farrell [mailto:stephen.farrell@baltimore.ie] > Sent: Monday, February 11, 2002 10:33 AM > To: Hallam-Baker, Phillip > Cc: 'Scott Cantor'; 'Security-Services (E-mail)' > Subject: Re: [security-services] Changes for Core 26 > > > > Phill, > > > The *server* may treat the URLs to be equivalent by mapping them to > > the same resource. However from the point of view of the URI spec > > they are distinct. > > > > This was done because the lame UNIX file system is case sensitive. > > That's the point. A PDP that knows about "/PRIVATE" (and even > "/private" too!) is likely to give a bad answer when asked (by > Joe Public:-) about "/Private" and when the actual resource > is "really" case insensitive. Unless the PEP automagically > "knows" how the PDP has stored the URI then we've a problem. > > Now I don't know how to fix this in general, and agree its probably > too late to include some sort of heuristic semi-fix in saml 1.0 > (assuming we're sticking to 2396 for URI comparisons), but it > is still a real issue. > > Stephen. > > > -- > ____________________________________________________________ > Stephen Farrell > Baltimore Technologies, tel: (direct line) +353 1 881 6716 > 39 Parkgate Street, fax: +353 1 881 7000 > Dublin 8. mailto:stephen.farrell@baltimore.ie > Ireland http://www.baltimore.com >
Phillip Hallam-Baker (E-mail).vcf
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC