[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Request for clarification
Thanks
Shirley
-----Original Message-----
From: RL 'Bob' Morgan [mailto:rlmorgan@washington.edu]
Sent: Thursday, July 26, 2001 4:32 PM
To: Kawamoto, Shirley
Cc: OASIS Security Services TC
Subject: RE: Request for clarification
> I'm a little confused about your description. It sounded to me as
> though you were saying that the Credentials Assertion is still being
> handled by SAML only by a different sub group. On the other hand, it
> sounds as though the actual authentication sequence is outside of
> SAML. Could you please clarify?
My impression of the situation is that a majority of the committee is of
the opinion that standardizing the part of the domain model that deals
with the Credentials Collector, its interaction with a client, and its
interaction with other Authorities (in particular the Authentication
Authority) is not needed for SAML 1.0. Their arguments are (more or less)
that this area has lots of authentication-method-specific messiness to it
that would make it difficult to complete, and that there is not a strong
requirement for SAML-specified interoperability because
credentials-handling functions are handled well enough already by other
existing protocols (eg LDAP, RADIUS, Kerberos, SSL, etc).
The subgroup that Hal mentions feels that there is a strong
interoperability requirement for SAML to meet, and that a reasonable
proposal can be produced and agreed to. They were encouraged to develop
this and submit it to the committee but to my knowledge have not done so.
- RL "Bob"
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC