[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Representing requestor's identity
Dear all, One of the issues that we should try to deal with during these days is the issue of representing requestor's identity and how this should be included in the requirements document. So far the latest version of teh requireements document says in its 3.2.1 section: "If the server is not signing with a key specific to the requestor, then the server might want to represent the requestor's name, and possibly details of how the requestor authenticated, in a 205 signed attribute. We will define an XML element for this purpose, which will contain: 206 • Requestor Name (in a type/value format such as a SAML NameIdentifier) 207 • (Optionally) Information supporting the name (such as a SAML Assertion, Liberty Alliance 208 Authentication Context, or X.509 Certificate)" Does this constitute a basis for reaching a consensus or is there anyone thinking that something should be changed or added? Juan Carlos.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]