[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Security reqs v.02
Bill, Thanks for sending out the security material. I have comments based on your documents: - Your list of relevant standards activities capture the current state of the market with respect to security in XML-based architectures. - A security issue omitted from your list is duration. When are participants permitted to timeout their respective tokens? I know that this was talked about at some of the modeling meetings. Perhaps Alastair can comment. - With respect to identity, I can envision a BTP network that underlies an identity scheme. Imaging a user wants some work done. In turn the user's application passes the request down the stack to a BTP layer that is authenticated at the organizational level. I am not sure that SSO will do the trick in this case. Thanks, Mark > -----Original Message----- > From: Bill Pope [mailto:bpope@bowstreet.com] > Sent: Thursday, June 28, 2001 1:53 PM > To: BT (main list) (E-mail) > Subject: Security reqs v.02 > > > > Find attached two documents. > Draft 2 of the security issues document. > Draft 1 of the external activity report. > > Comments are invited, > =bill > > William Z Pope Bowstreet > +1 603 559 1538 One Harbour Place > bpope@bowstreet.com Portsmouth NH 03801 USA > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC