OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [saml-dev] draft-catalyst-interop-plan-01

Title: Message
Our preference would be in the following order:
1. Base 64 DER
2. Binary DER
3. PKCS #7

Jahan Moreh
Chief Security Architect
tel: 310.286.3070
fax: 310.286.3076

-----Original Message-----
From: Hal Lockhart [mailto:hal.lockhart@entegrity.com]
Sent: Tuesday, April 30, 2002 12:21 PM
To: 'jmoreh@sigaba.com'; 'Mishra, Prateek'; saml-dev@lists.oasis-open.org
Subject: RE: [saml-dev] draft-catalyst-interop-plan-01

Comments below.

> Section 1.2, URL Naming Convention
> **
> What is the difference between the "portal" and the "inter-site
> transfer"? I thought they are one and the same (i.e., the URL for
> browser to go to authenticate and receive the artifact).

I agree, I don't see why they can't be the same.

> Section 1.6.b (trust model)
> **
> I think the correct standard here is PKCS #7 and not PKCS #12.

This is a holdover from our original idea that we would be exchanging a root plus a chain. Since I guess we are just exchanging a single root for SSL which is likely to be a self-signed cert, any of: PKCS#7, CMS, binary DER, base64 DER or PKCS#12 would work.

Anybody have a strong perference? We have a tool that can convert among various types.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC