[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services]Groups-draft-sstc-solution-profile-soap-02.pdfuploaded
>I agree that there is a significant subset(superset?) of what we are talking >about that applies generally no matter what authentication mechanism is used. I meant further that in the simple use case of a client authenticating to the authority to get an assertion for itself, this is a basic SOAP exchange that's not much different than submitting a purchase order. IOW it's orthogonal to some extent in both the authentication and application axes. >Perhaps part of the confusion is, as has been pointing out previously by Rich >Salz and yourself, the lack of consistent use of the terms profile, binding, >and protocol. We are just trying to make sure that the SAML >protocols/bindings/profiles are factored in a way that enables and >appropriately leverages use of WSS in a SOAP Binding/Profile or whatever you >want to call it. Agreed. We just have to protect the independence of the spec such that one can use but doesn't have to use WSS to represent or secure the various entities and exchanges. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]