[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] Proposal to add new AuthenticationMethod
---------------------------
Jahan Moreh
Chief Security
Architect
tel: 310.286.3070
fax: 310.286.3076
-----Original Message-----
From: Hal Lockhart [mailto:hal.lockhart@entegrity.com]
Sent: Thursday, April 04, 2002 8:34 AM
To: 'jmoreh@sigaba.com'; security-services@lists.oasis-open.org
Subject: RE: [security-services] Proposal to add new AuthenticationMethodI agree with this, but the URI: should be consistent with current scheme for things defined in RFCs. See below.
> With this email I'd like to propose that we add an identifier
> for Secure
> Remote Password (SRP) protocol (specified in RFC 2945) to the list of
> AuthhenticationMethods. Brifely, SRP is based on Diffie-Hellman and
> provides a more secure way of authenticating based on a
> password (or for
> that matter any number of secrets). The proposed change
> would be to add
> the following to section 7.1 of Core:
>
> Secure Remote Passowrd (SRP)
> URI: urn:oasis:names:tc:SAML:1.0:am:SRPFor consitency this should be:
URI: urn:ietf:rfc:2945
> The authentication was performed by means of Secure Remote Password
> protocol as specified in RFC 2945Hal
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC