Subject: RE: [security-services] DDDS RFCs, Liberty and SAML Metadata exchange protocol
John -

As Scott already responded, your suggestion is most definitely in harmony with what is specified in Liberty's metadata discovery protocol. In fact, I suspect most people are going to use the well-known location mechanism. However, as Scott indicated, the question is if a providerID (be it an assertion producer or an assertion consumer) can be specified in such a way that is resolved to a well known location. I don't think this is a problem, but will look into it more.

Thanks,
Jahan

----------------
Jahan Moreh
Chief Security Architect
310.286.3070

> -----Original Message-----
> From: Linn, John [mailto:jlinn@rsasecurity.com]
> Sent: Wednesday, September 17, 2003 5:27 AM
> To: 'jmoreh@sigaba.com'; Scott Cantor; Jeff.Hodges@Sun.COM
> Cc: security-services@lists.oasis-open.org
> Subject: RE: [security-services] DDDS RFCs, Liberty and SAML Metadata exchange protocol
>
> I'd suggest allowing support for the well-known location mechanism as well as the DNS-based approach for metadata acquisition, in case there are deployment environments where the DNS is under separate administration, outside the convenient control of those responsible for SAML deployment.
>
> --jl
>
> -----Original Message-----
> From: Jahan Moreh [mailto:jmoreh@sigaba.com]
> Sent: Tuesday, September 16, 2003 8:28 PM
> To: Scott Cantor; Jeff.Hodges@Sun.COM
> Cc: security-services@lists.oasis-open.org
> Subject: [security-services] DDDS RFCs, Liberty and SAML Metadata exchange protocol
>
> Scott and Jeff -
>
> I took some time today to read the DDDS RFC set (3401-3405) as well as NAPTR RFC (2915). I think I understand these sufficiently to follow Liberty's Metadata discovery specifications. It is still useful (though no longer critical) to have a conversation with Peter Davis to clear up a few things. I am now very much leaning towards proposing that we use DDDS/DNS for publishing SAML metadata.
>
> Thanks for your guidance,
> Jahan
>
> ----------------
> Jahan Moreh
> Chief Security Architect
> 310.286.3070
>
> To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/security-services/members/leave_workgroup.php.