OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services-comment] Public Comment

Using SOAP to transport SAML protocol messages implies the ability to
use any of the specifications relevant to that environment, including,
but not limited to: WSDL, UDDI, WS-Security, WS-Addressing,
WS-ReliableMessaging, WS-Trust and WS-SecureConversation. There is no
particular reason to call out the use of any of them.

The ability to use WS-Security as a protection mechanism is discussed in
the Security and Privacy Considerations document.


> -----Original Message-----
> From: comment-form@oasis-open.org [mailto:comment-form@oasis-open.org]
> Sent: Tuesday, December 20, 2005 5:47 AM
> To: security-services-comment@lists.oasis-open.org
> Subject: [security-services-comment] Public Comment
> Comment from: L.Beekmann@intershop.com
> Name: Lars
> Title: Diplomand
> Organization: Intershop
> Regarding Specification: SAML 2.0
> Hi @ all,
> is there a statement from this TC regarding the usage of OASIS WSS to
> provide message-level security for the SAML SOAP Binding? Is it up to
> implementers to use WSS if they find its necessary - I'm asking
> from my point of view the usage of WSS sould be mentioned in the SAML
> Bindings Spec if it was so?!
> Thanks in advance!
> Lars
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> open.org
> For additional commands, e-mail: security-services-comment-
> help@lists.oasis-open.org

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]