[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] Proposed checklist for "three-company"certification
At 05:30 PM 2/12/02 -0500, Scott Cantor wrote: > > To meet the OASIS requirement, I think we will need to list > > three companies for each of the following line items: > > > > Requester of AuthN by means of SOAP-over-HTTP binding > > Requester of AuthZ by means of SOAP-over-HTTP binding > > Requester of Attrib by means of SOAP-over-HTTP binding > >My only question regarding evaluating compliance this way is what the >obligations of a requester are with respect to understanding a Response >containing the different kinds of statements. > >If I claim the latter function (sending an AttributeRequest), what must >I be able to do with the response? Need anything be said at all, given >that the requester is the RP and is free to drop it in the bit bucket? I believe nothing need be said. It has to produce properly formed requests and that's all. Eve -- Eve Maler +1 781 442 3190 Sun Microsystems XML Technology Center eve.maler @ sun.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC