[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] Distributed transaction scenario (and SAM LBasics slides)
Looking at slide 53. I don't think it is wrong, but I believe the more common case would be to simply provide an Attribute Assertion with some Subject Confirmation Method that the recipient can use.
There would be no real need for SSO or to set up a distributed session. The PDP just needs to know the user's attributes. Assuming the user can arrange to sign the SOAP transaction, he or she should be able to use a signature for subject confirmation method.
Hal
> -----Original Message-----
> From: Eve L. Maler [mailto:eve.maler@sun.com]
> Sent: Tuesday, June 11, 2002 1:59 PM
> To: Eve L. Maler
> Cc: security-services@lists.oasis-open.org
> Subject: Re: [security-services] Distributed transaction scenario (and
> SAML Basics slides)
>
>
> Yikes, let's try attaching the thing...
>
> Eve L. Maler wrote:
> > Slide 53 is the most directly relevant one, but I included
> the whole
> > thing because I've been periodically posting this
> presentation anyway...
> > This slide shows the motivation for attaching authentication and
> > attribute assertions to a payload containing a purchase
> order. Please
> > comment on whether there are additional scenarios that
> would deviate
> > from this relatively simple flow.
> >
> > By the way, if anyone sees anything inaccurate in the
> examples or text
> > of the preso as a whole, please let me know because I
> deliver this talk
> > relatively often and try to keep it up to date.
> >
> > Thanks,
> >
> > Eve
>
>
> --
> Eve Maler +1 781 442 3190
> Sun Microsystems XML Technology Center eve.maler @ sun.com
>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC