OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [security-services] Draft SSTC Meeting Minutes - 15-Jul-2008 w/Roll Call (attendance)


> > sc: no fundamental disagreement w/Nate, but there is a question (ques)
wrt
> > rules for requesting SubjectConfirmation (SubjConf), there's a ques wrt
> > syntax rules for requiring a HOK assertion -- so there's a ques on
whether
> > or not one always needs to pass SubjConf data in a request, and perhaps
the
> > same thinking applies to queries
> 
> Just to clarify, I believe Scott was saying that he and I were in
> fundamental agreement (which I think is a fair statement).  Evidently
> Nate hasn't had a chance to review the comments or the discussion.

Yes, that's what I meant. I didn't think there was any major contentious
debate in that thread, just discussing alternatives and noting possible
issues.

I will say though, and we didn't talk about it on the call, that the whole
issue of overlapping endpoints and the use of metadata probably needs some
discussion.

I don't have strong opinions about a "right" way to do it, but I can
certainly answer questions about how you can or can't do it.

-- Scott




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]