OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [security-services] Groups - draft-sstc-solution-profile-soap-02.pdf uploaded


Title: RE: [security-services] Groups - draft-sstc-solution-profile-soap-02.pdf uploaded

Frederick,

I agree with your comment about SOAP. It is true today that there are very few alternatives to SOAP, but in the future their might be more options. We should create standards that allow implementors to use future standards if they desire, so we should not make this a MUST.

I think something like SASL between SAML service and SAML authority would be more useful to consider because SASL provides a security mechanism abstraction layer and can be used with many security mechanisms including SOAP and others. I believe Liberty are also working on same approach, so maybe we can do same ?

Thanks, Tim.

-----Original Message-----
From: Frederick.Hirsch@nokia.com [mailto:Frederick.Hirsch@nokia.com]
Sent: 06 February 2004 18:28
To: drsecure@us.ibm.com; security-services@lists.oasis-open.org
Subject: RE: [security-services] Groups - draft-sstc-solution-profile-soap-02.pdf uploaded

Tony

Why require a MUST to use WSS: SOAP Message Security for the connection  between SAML service and SAML authority  (line 193, section 4.1).

What if TLS is used to obtain the security properties required? Why force SAML authority implementation of WSS SOAP Message Security?


regards,

Frederick

-----Original Message-----
From: ext drsecure@us.ibm.com [mailto:drsecure@us.ibm.com]
Sent: Thursday, February 05, 2004 11:51 AM
To: security-services@lists.oasis-open.org
Subject: [security-services] Groups -
draft-sstc-solution-profile-soap-02.pdf uploaded


The document draft-sstc-solution-profile-soap-02.pdf has been submitted by Anthony Nadalin (drsecure@us.ibm.com) to the OASIS Security Services TC document repository.

Document Description:
Corrected figures, bad PDF

Download Document: 
http://www.oasis-open.org/apps/org/workgroup/security/download.php/5330/draft-sstc-solution-profile-soap-02.pdf

View Document Details:
http://www.oasis-open.org/apps/org/workgroup/security/document.php?document_id=5330


PLEASE NOTE:  If the above links do not work for you, your email application may be breaking the link into two pieces.  You may be able to copy and paste the entire link address into the address field of your web browser.



To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/security-services/members/leave_workgroup.php.


To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/security-services/members/leave_workgroup.php.



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]