OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-use message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Marlena's vote on 12


 ISSUE:[UC-12-01:Confidentiality]

 b) C&I protection is optional (but encouraged).

 ------------------------------------------------------------------


 ISSUE: [UC-12-02:ConfidentialMessages]


 c) C&I protection shall be specified both within the SAML message
 format and
 within protocol bindings. Deployments can choose the appropriate solution.

 ------------------------------------------------------------------


 ISSUE:[UC-12-03:EncryptionNow]


 a) Integrity protection shall use XML DSIG, and confidentiality
  protection shall not be available.

Comment: I agree with Nigel: the protocol binding can/should
provide for confidentiality for the time being.

 ------------------------------------------------------------------


 ISSUE:[UC-12-04:EncryptionLater]

 When the XML Encryption standard is published:


 b) SAML shall be revised to use XML Encryption.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC