[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: No Subject
>>[Hal] >>Once again I will not be able to attend your call. However I >>would like to >>again contribute my proposed approach. I am wondering if this >>sort of scheme >>would be acceptable to them. >> >>Hal >> [Prateek] I agree that the issue below is an important one. I would argue that it is somewhat broader than a pure bindings issue tho' it has some clear relationship to bindings as well. It has a clear relationship to Marlena's "anonymity" issue. I plan to capture a list of "bindings-related" issues for f2f#4, unless you are already planning to do so. Tim Moses has also raised a number of bindings-related issues which need to be included. [Hal] >>-------------------------------------------------------------- >>-------------- >>-- >>The Shiboleth scheme requires the ability to request the >>attributes of user, >> >>without revealing the identity of that user. Further, the attributes >>revealed are a function of the requestor. >> >>This can be accomodated by SAML in the following way. These >>capabilities are >> >>required. >> >>1. The ability to issue an Authentication Assertion whose >>subject is an >>"blinded" identifier which can be mapped by an Authentication >>or Attribute >>Authority to a particualr subject, but which has a different >>value each time >> >>it is issued for the same subject. >> >>2. The ability to construct an Attribute Assertion for a >>subject identified >>by an Authentication Assertion with a "blinded" subject >>identifier. The >>Attribute Assertion would be constructed on demand and only >>contain the >>attributes appropriate for the requestor, but the means of >>doing this would >>not be specified by SAML. >> >>The session would go like this. >> >>1. The user would signon and receive a SAML Artifact. >> >>2. The user would present the Artifact, allowing a target >>server to retrieve >> >>the associated "blinded" Authentication Assertion. >> >>3. From this, the necessary Attribute Assertion could be obtained. >> >>Steps 2 & 3 could be combined in one request/response sequence. >> >>The assertions could also be passed via the user or pushed >>from the home >>site. >>-------------------------------------------------------------- >>-------------- >> >>> -----Original Message----- >>> From: Mishra, Prateek [mailto:pmishra@netegrity.com] >>> Sent: Wednesday, August 15, 2001 4:23 PM >>> To: 'security-bindings@lists.oasis-open.org' >>> Subject: FW: InterCall Confirmation of Conference Call Reservation >>> 1621282 >>> >>> >>> Agenda (I will have to leave at 1.30) >>> ------- >>> Agenda bashing >>> >>> 1. Shiboleth discussion >>> >>> (please read thread beginning with: >>> http://lists.oasis-open.org/archives/security-services/200107/ >>> msg00081.html >>> >>> and >>> >>> http://lists.oasis-open.org/archives/security-services/200108/ >>> msg00050.html >>> >>> 2. Planning for bindings 0.5 >>> >>> >>> >>> >>> -----Original Message----- >>> From: ireserv@intercall.com [mailto:ireserv@intercall.com] >>> Sent: Wednesday, August 15, 2001 4:10 PM >>> To: pmishra@netegrity.com >>> Subject: InterCall Confirmation of Conference Call >>Reservation 1621282 >>> >>> >>> **** A T T E N T I O N **** >>> >>> RESERVATION CONFIRMATION >>> >>> In order to serve you better, please VERIFY THE ACCURACY of this >>> reservation. Please do not reply back >>> to this E-Mail address, instead >>> >>> Take Control of Your Reservations with the Click of a Mouse. >>> Go to http://www.intercall.com and click on 'Make Your >>> Reservation Online'. >>> >>> With Intercall Online Reservations you can schedule a new >>> reservation or >>> even make changes to this one. It's just one way that >>> InterCall puts you in >>> control of your conference communications. Be sure to >>> bookmark the page for >>> future use. >>> >>> You can also call 1-800-374-2441 to make changes to this >>reservation. >>> >>> >>> ------------------------------------------ >>> Conference Access >>> ------------------------------------------ >>> US/Canada Dial-In Number: (800) 377-5653 >>> International/Local Dial-In Number: >>> >>> >>> Please give the leader/participants the above information to >>> dial for the >>> conference call and have them >>> provide their name, the leader's name and reference the >>> company hosting the >>> call. >>> >>> >>> ------------------------------------------ >>> Leader's Information >>> ------------------------------------------ >>> Conference Name: Netegrity, Inc. >>> >>> Leader's Name: Prateek Mishra >>> >>> Leader's Phone: 781-663-7358 >>> >>> Owner ID: 851599 >>> >>> >>> >>> >>> ------------------------------------------ >>> Conference Details >>> ------------------------------------------ >>> Type of Call: Meet-Me (operator-assisted) >>> Conference ID: 1621282 >>> >>> Conference Date: 8/16/2001 >>> >>> Start Time: 12:00 pm Eastern Time >>> >>> Expected Duration: 2 hours and 0 minutes >>> >>> Number of Participants: 10 >>> >>> >>> ------------------------------------------ >>> Enhanced Features: >>> ------------------------------------------ >>> Participants will be entered directly into the conference. >>> >>> >>> ------------------------------------------ >>> Conference Participants: >>> ------------------------------------------ >>> >>> Name Type Dial Out >>> Phone >>> >>> -------------------------------------------------------------- >>> ----------- >>> * Mishra, Prateek MM (650) 520-3893 >>> >>> * Indicates a conference leader. >>> >>> ---------------------------------------------------------------- >>> To subscribe or unsubscribe from this elist use the subscription >>> manager: <http://lists.oasis-open.org/ob/adm.pl> >>> >>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC