OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [dss] Representing requestor's identity

Apart from some of the identity and authentication issues being debated with regard to SAML, I would like to see a somewhat richer set in the base where for example the corporate signing use case is involved.

Besides a signer's identity, could we indicate where the signer is signing on behalf of another person or entity

--title
--signature authorization (as in legal authority or delegated permission)
--duration of signature authorization
--individual who granted authorization to sign


>No, I would like to see the base being:
>
>- Simple name string
>- RFC 3280/X.509 general name (possibly encoded as an LDAP string)
>- SAML Assertion
>- WSS UsernameToken
>- Kerberos
>- Other name forms to be identified at a later date
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]