OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [security-services] TLS & SSL ciphersuite language

My primary reasoning is that I believe that most SAML servers will be
derived from Web servers, and will therefore first support the SSL/TLS
mechanisms that browsers support.  Even if they are not, and most SAML
servers are being created whole cloth out of a completely new code base,
I haven't heard a compelling argument made to support something other
than the most common web crypto suite.

As for intellectual property issues around RC4, the IETF names it in
RFC2246, the TLS spec.  They call it a stream cipher compatible with
RSA's RC4.


Zolera Systems, Your Key to Online Integrity
Securing Web services: XML, SOAP, Dig-sig, Encryption

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC