[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [security-services] TLS & SSL ciphersuite language
My primary reasoning is that I believe that most SAML servers will be derived from Web servers, and will therefore first support the SSL/TLS mechanisms that browsers support. Even if they are not, and most SAML servers are being created whole cloth out of a completely new code base, I haven't heard a compelling argument made to support something other than the most common web crypto suite. As for intellectual property issues around RC4, the IETF names it in RFC2246, the TLS spec. They call it a stream cipher compatible with RSA's RC4. /r$ -- Zolera Systems, Your Key to Online Integrity Securing Web services: XML, SOAP, Dig-sig, Encryption http://www.zolera.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC