OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: XrML Interop Scenarios: First Draft

Hello Everyone,
Several weeks ago, I promised to work on an XrML interop scenario document. Here is a first draft. I have kept the scenarios straightforward and simple to ease implementation(it won't take more than a couple of weeks to code this). 
The proposal includes the following three scenarios:
1. Client Autentication: A possessProperty XrML authentication token is sent to authenticate the client to the web service. The reciever sends an "EchoString" back.
2. Mutual Authentication: A possessProperty XrML authentication token is sent by the client to the webservice for authentication. Instead of responding back with an "EchoString", the web service sends a signed response body and  appends its own possessProperty license to the header for authentication. Upon receiving the response, the original sender validates the signature, and the XrML license imbedded within the Security header.
3. Issuer Authorization story: Along with a possessProperty authentication token, the sender also sends the XrML issuer authorization license of the issuer of it's authentication token. This issuer authorization license certifies to the fact that issuer has the right to issue possessProperty tokens to the sender. The two tokens, the possessProperty authentication token of the sender, and the issuer authorization token, make up what is known as the authorization story(akin to a x509 certificate chain)
In all of the above scenarios, the XrML tokens are signed, and must validate correctly during processing.
 
The scenario document is just a first draft, therefore, I would need your feedback to get it right. Also, I have kept the structure of this document similar to Interop I and Interop II; I thought that format worked out very well...so I thank the editors (Hal, Chris) of those specs.
I understand that this document may have many mistakes, so please don't hesistate to point them out. Also forward any questions that you may have about this document to me. 
Regards,
TJ Pannu

WSS-XrML-Interop-version 01.doc

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]