security-services message



Subject: RE: New Issues, Authorities and Domains


Sorry I forgot to copy the list with this. I didn't notice till Phill
replied privately. Perhaps he will post his response to the list as well.

-----------------------------------------------------------------------------------------
Phill,

I cannot tell if you are responding to my point #1 or #2.

In regard to #1: Stephen Farrell has suggested that it may be necessary to
selectively encrypt subject but not domain. It is possible to dispute that
requirement, but assume it is accepted. It seems likely that XML encryption
will allow encryption of elements, but not portions of elements. If we use
URIs, the domain and subject will be a part of the same element.

In regard to #2, the proposed scheme contains information that identifies
the issuer and information within the URI that identifies the domain. My
point had nothing to do with ambiguity. It was about whether SAML should
provide policy guidance about the domains for which an issuer may issue
assertions.

Hal

> -----Original Message-----
> From: Phillip Hallam-Baker [mailto:pbaker@verisign.com]
> Sent: Monday, May 28, 2001 9:46 AM
> To: Hal Lockhart; security-services@lists.oasis-open.org
> Subject: RE: New Issues, Authorities and Domains
> 
> 
> I take the view that
> 
> 1) Each assertion is implicitly qualified by the issuer name.
> 
> 2) URIs provide sufficient flexibility to allow parties acting in good faith
> to uniquely identify resources etc. without ambiguity.
> 
> [Apologies in advance for the argument which follows which is of the
> 'boil the ocean' variety]
> 
> 
> The qualification 'in good faith' is the important point. I have never been
> convinced by Ron's SDSI argument that all names are relative. It is true
> that the discovery that names are intrinsically subjective caused the logical
> positivists to fail, however there have been considerable developments
> since.
> 
> The most important of these is the concept of Intersubjectivity. Loosely
> stated this goes: although there are many facts that we cannot prove to an
> absolute skeptic such as Descartes' daemon and are thus 'subjective', the
> axioms from which the facts may be established are agreed
> intersubjectively.
> 
> So for example neither I nor anyone else can prove that Napoleon was Emperor
> of France, in fact we cannot prove using symbolic logic that either Napoleon
> or France existed. Despite the failure of symbolic logic we can construct a
> plausible argument that both did exist and moreover the overwhelming
> probability is that if I use the term 'Napoleon' and you use the term
> 'Napoleon' we are both talking about the same person.
> 
> 
> In the Internet architecture names are derived from the DNS infrastructure.
> The Internet architecture does allow for multiple name spaces and in fact
> some people have set up separate name spaces and even address spaces.
> However 99.999% of the Internet have a common understanding of the meaning
> of www.cnn.com.
> 
> The practical implication of this observation is that rather than supporting
> infinite regression of "the person X calls Y asserts that Z..." the
> identifiers are normalized at each stage. So that the only question we ask
> is 'is the issuer of the assertion trusted to make the claim stated?' - and
> explicit in that statement is the understanding that by trusting the issuer
> we mean that we trust the issuer to use the same terms as we use.
> 
> 
> Phill
> 
> 
> Phillip Hallam-Baker FBCS C.Eng.
> Principal Scientist
> VeriSign Inc.
> pbaker@verisign.com
> 781 245 6996 x227
> 
> 
> > -----Original Message-----
> > From: Hal Lockhart [mailto:hal.lockhart@entegrity.com]
> > Sent: Thursday, May 24, 2001 10:56 AM
> > To: security-services@lists.oasis-open.org
> > Subject: New Issues, Authorities and Domains
> > 
> > 
> > Here are a couple of issues we should think about.
> > 
> > An Assertion is issued by an authority.
> > 
> > Assertions may be signed.
> > 
> > The name of a subject must be qualified to some domain.
> > 
> > Attributes must be qualified by a domain as well.
> > 
> > Nigel's comments in the last concall suggest that resources also need to be
> > qualified by domain.
> > 
> > 1. Stephen has pointed out that there may be a requirement to encrypt, for
> > example, the user name but not the domain. Therefore they should be in
> > separate elements. If domains are going to appear all over the place, maybe
> > we need a general way of having element pairs of domain and "thing in
> > domain."
> > 
> > 2. Should SAML take any position on the relationship between the 1)
> > Authority, 2) the entity that signed the assertion, and 3) the various
> > domains scattered throughout the assertion? The contrary view is that it is
> > a matter for private arrangement among asserting and relying parties.
> > 
> > Hal
> > 

