[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Re: Indication of Intent / Commitment type
At 09:50 AM 3/9/2004 -0500, jmessing wrote: >In a dss, the username/password can be leveraged into a digital signature >by having a method by which a server recognizes a use from the >username/password and digitally signs on the user's behalf [...] One way >to do this is to have a third party authenticate the user with the >username/password and digitally sign an authentication assertion (SAML) >which the signature server recognizes. just to toss in a comment: TLS/SRP is another good way to use usernames/passwords. The client uses his username and password to mutually authenticate with the DSS server and establish a secure session. Of course, if you *want* to use a 3rd-party for authentication, this isn't helpful, but if password-based authentication directly with the DSS server is what you want, I think that's the best way to go. Trevor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]