[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] suggested HoK URIs and namespace prefixes
On Mon, Aug 18, 2008 at 5:40 PM, Scott Cantor <cantor.2@osu.edu> wrote: > > The relevant distinctions tend to be more about the difference (if any) > between the relying party and the requester. > > As an example, there's no good reason why a profile has to address whether > one user can request a token to act as another. That's policy. The messages > would be the same (structurally) in either case. I'm not following you, Scott. In draft-02, I'm assuming that the presenter is the subject. This covers Nate's profile and the nonbrowser use case I have in mind. Can you give an example of a use case that does not involve the subject but still utilizes holder-of-key? Are you referring to the delegation issue that Eve raised earlier? Thanks, Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]