[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Comments on Tech Overview rev 13
Fair enough, I'll revise accordingly
paul
Tom Scavo wrote:
> It was awhile ago, but if I recall, Scott subsequently corrected me
> (and I think he's right).
>
> Tom
>
> On 7/19/07, Paul Madsen <paulmadsen@rogers.com> wrote:
>> Thaks Tom, that would be my view as well - but in the past thread you
>> appear to be arguing the opposite for the 'resource' steps :-)
>>
>> ---------------------------------------------------------------------------------------------------
>>
>> Tom Scavo wrote
>>
>> >> Eve wrote
>>
>> > > - Sec 4.1.2, Figure 12 (and globally throughout all the figures): I
>> > > suspect the arrow for step 1, "Access resource", is supposed to be
>> > > dotted, not solid, because it's out of band for SAML. (This is
>> > > probably a bug of long standing -- I'm sorry!)
>>
>> My interpretation is just the opposite. By all indications, steps 1
>> and 7 are in band and in scope. In particular, see sections 4.1.3.1
>> and 4.1.3.6 in SAMLProf.
>> ---------------------------------------------------------------------------------------------------
>>
>>
>> paul
>>
>> Tom Scavo wrote:
>> > Paul, I think a dotted line should signify a step that is out of
>> > scope. In that case, all four of the steps you mentioned would be
>> > represented by dotted lines, I believe.
>> >
>> > That's my two cents worth, anyway. :-)
>> >
>> > Tom
>> >
>> > On 7/19/07, Paul Madsen <paulmadsen@rogers.com> wrote:
>> >> Finally getting to my graphic editing AI
>> >>
>> >> The various sequence diagrams have some or all of the following
>> message
>> >> steps
>> >>
>> >> - Access Resource
>> >> - Challenge for credentials
>> >> - User Login
>> >> - Supply resource
>> >>
>> >> Was it the agreement that the first & last are to be drawn as solid
>> >> lines? And the middle 2 as dotted?
>> >>
>> >> Paul
>> >>
>> >> Tom Scavo wrote:
>> >> > On 3/11/07, Eve L. Maler <Eve.Maler@sun.com> wrote:
>> >> >>
>> >> >> >> I personally don't think we need to hew to this rule.
>> >> >> >
>> >> >> > That's fine. It's mostly pedagogical and not worth quibbling
>> >> about in
>> >> >> > general. I personally find this to be a useful rule when
>> writing
>> >> >> > documentation and so forth since it leads to reasonably complete
>> >> >> > end-to-end flows that novices can understand.
>> >> >>
>> >> >> I'm game to change it -- if Paul feels like doing the graphic
>> >> >> editing! But I don't feel it's absolutely essential unless
>> >> >> something thinks we're making it more confusing this way.
>> >> >
>> >> > I'm okay with the single "swoopy arrow" :-) but did we agree that
>> >> > steps 1 and 7 should be represented by a solid line? That's my
>> main
>> >> > concern.
>> >> >
>> >> > Thanks,
>> >> > Tom
>> >> >
>> >> >
>> >>
>> >> --
>> >> Paul Madsen e:paulmadsen @ ntt-at.com
>> >> NTT p:613-482-0432
>> >> m:613-302-1428
>> >> aim:PaulMdsn5
>> >> web:connectid.blogspot.com
>> >>
>> >>
>> >
>> >
>>
>> --
>> Paul Madsen e:paulmadsen @ ntt-at.com
>> NTT p:613-482-0432
>> m:613-302-1428
>> aim:PaulMdsn5
>> web:connectid.blogspot.com
>>
>>
>
>
--
Paul Madsen e:paulmadsen @ ntt-at.com
NTT p:613-482-0432
m:613-302-1428
aim:PaulMdsn5
web:connectid.blogspot.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]