[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [wss] WSS-Core-04-1117 Contribution
Lets put it on the agenda for the call Tuesday and at the F2F as there are
different ways proceed on this subject.
Anthony Nadalin | work 512.436.9568 | cell 512.289.4122
|---------+---------------------------->
| | "Phillip H. |
| | Griffin" |
| | <phil.griffin@asn|
| | -1.com> |
| | |
| | 12/01/2002 03:43 |
| | PM |
|---------+---------------------------->
>----------------------------------------------------------------------------------------------------------------------------------------------|
| |
| To: Anthony Nadalin/Austin/IBM@IBMUS |
| cc: "[OASIS WSS]" <wss@lists.oasis-open.org> |
| Subject: Re: [wss] WSS-Core-04-1117 Contribution |
| |
| |
>----------------------------------------------------------------------------------------------------------------------------------------------|
Not exactly. The schema for XCBF message allows them to be encoded
using BER/DER or XML markup. So the binary representation for this
token is the same, but the XML markup representation is not. In effect,
BinarySecurityToken is a subset of XCBFSecurityToken.
The XML markup representation of XCBF messages is not based on the
W3 schema. The signature and encryption processing is not based on XML
Signature and XML Encryption.
And for security reasons, there is a need to define biometrics in the
context
of the UserName token so that they are part of a multifactor solution.
Phil Griffin
Anthony Nadalin wrote:
This is my point, why create a new token type, its just a
BinarySecurityToken, just fall right in line with Kerberos and X509.
Anthony Nadalin | work 512.436.9568 | cell 512.289.4122
|---------+---------------------------->
| | "Phillip H. |
| | Griffin" |
| | <phil.griffin@asn|
| | -1.com> |
| | |
| | 11/30/2002 07:59 |
| | PM |
|---------+---------------------------->
>----------------------------------------------------------------------------------------------------------------------------------------------|
|
|
| To: Anthony Nadalin/Austin/IBM@IBMUS
|
| cc: "[OASIS WSS]" <wss@lists.oasis-open.org>
|
| Subject: Re: [wss] WSS-Core-04-1117 Contribution
|
|
|
|
|
>----------------------------------------------------------------------------------------------------------------------------------------------|
I think we should probably add this as an issue. I see little reason
to
treat this token differently than the BinarySecurityToken. You'll see
that I mostly aped that text.
Another related issue that should be added relates to my comment
on the commonality between the binary security token and the XCBF
token. I'd like to provde more input to support the idea that the two
should be combined into a Foreign token that supports binary and
XML encoded objects that are not based on the W3C schema.
Phil
Anthony Nadalin wrote:
Phil,
Thanks for the comments. The XCBFSecurityToken comments belong
in a
profile
document, if you want we can add this issue of adding a
XCBFSecurityToken
profile to the call on Tuesday.
Anthony Nadalin | work 512.436.9568 | cell 512.289.4122
|---------+---------------------------->
| | "Phillip H. |
| | Griffin" |
| | <phil.griffin@asn|
| | -1.com> |
| | |
| | 11/30/2002 05:52 |
| | PM |
|---------+---------------------------->
------------------------------------------------------------------------------------------------------------------------------------------------|
|
|
| To: "[OASIS WSS]" <wss@lists.oasis-open.org>
|
| cc:
|
| Subject: [wss] WSS-Core-04-1117 Contribution
|
|
|
|
|
------------------------------------------------------------------------------------------------------------------------------------------------|
See attached.
Phil
#### WSS-Core-04-1117.doc has been removed from this note on
November 30
2002 by Anthony Nadalin
----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the
subscription
manager: <http://lists.oasis-open.org/ob/adm.pl>
----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://lists.oasis-open.org/ob/adm.pl>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC