[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [wss] WSS-Core-04-1117 Contribution
Lets put it on the agenda for the call Tuesday and at the F2F as there are different ways proceed on this subject. Anthony Nadalin | work 512.436.9568 | cell 512.289.4122 |---------+----------------------------> | | "Phillip H. | | | Griffin" | | | <phil.griffin@asn| | | -1.com> | | | | | | 12/01/2002 03:43 | | | PM | |---------+----------------------------> >----------------------------------------------------------------------------------------------------------------------------------------------| | | | To: Anthony Nadalin/Austin/IBM@IBMUS | | cc: "[OASIS WSS]" <wss@lists.oasis-open.org> | | Subject: Re: [wss] WSS-Core-04-1117 Contribution | | | | | >----------------------------------------------------------------------------------------------------------------------------------------------| Not exactly. The schema for XCBF message allows them to be encoded using BER/DER or XML markup. So the binary representation for this token is the same, but the XML markup representation is not. In effect, BinarySecurityToken is a subset of XCBFSecurityToken. The XML markup representation of XCBF messages is not based on the W3 schema. The signature and encryption processing is not based on XML Signature and XML Encryption. And for security reasons, there is a need to define biometrics in the context of the UserName token so that they are part of a multifactor solution. Phil Griffin Anthony Nadalin wrote: This is my point, why create a new token type, its just a BinarySecurityToken, just fall right in line with Kerberos and X509. Anthony Nadalin | work 512.436.9568 | cell 512.289.4122 |---------+----------------------------> | | "Phillip H. | | | Griffin" | | | <phil.griffin@asn| | | -1.com> | | | | | | 11/30/2002 07:59 | | | PM | |---------+----------------------------> >----------------------------------------------------------------------------------------------------------------------------------------------| | | | To: Anthony Nadalin/Austin/IBM@IBMUS | | cc: "[OASIS WSS]" <wss@lists.oasis-open.org> | | Subject: Re: [wss] WSS-Core-04-1117 Contribution | | | | | >----------------------------------------------------------------------------------------------------------------------------------------------| I think we should probably add this as an issue. I see little reason to treat this token differently than the BinarySecurityToken. You'll see that I mostly aped that text. Another related issue that should be added relates to my comment on the commonality between the binary security token and the XCBF token. I'd like to provde more input to support the idea that the two should be combined into a Foreign token that supports binary and XML encoded objects that are not based on the W3C schema. Phil Anthony Nadalin wrote: Phil, Thanks for the comments. The XCBFSecurityToken comments belong in a profile document, if you want we can add this issue of adding a XCBFSecurityToken profile to the call on Tuesday. Anthony Nadalin | work 512.436.9568 | cell 512.289.4122 |---------+----------------------------> | | "Phillip H. | | | Griffin" | | | <phil.griffin@asn| | | -1.com> | | | | | | 11/30/2002 05:52 | | | PM | |---------+----------------------------> ------------------------------------------------------------------------------------------------------------------------------------------------| | | | To: "[OASIS WSS]" <wss@lists.oasis-open.org> | | cc: | | Subject: [wss] WSS-Core-04-1117 Contribution | | | | | ------------------------------------------------------------------------------------------------------------------------------------------------| See attached. Phil #### WSS-Core-04-1117.doc has been removed from this note on November 30 2002 by Anthony Nadalin ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://lists.oasis-open.org/ob/adm.pl> ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC