OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [security-services] ISSUE: core-27: Should AuthenticationMethods andConfirmationMethods be listed in the same subsection?

This ISSUE msg is related to ISSUE:[DS-1-10: SubjectConfirmation Descriptions]
(line 1253 of saml-issues-08, and in this msg..

New Issue: SubjectConfirmation descriptions

It is also related to this proposal by Hal for prose describing the differences
between AuthenticationMethod and ConfirmationMethod..

Proposed text: Authentication Method vs. SubjectConfirmation Met hod 

ISSUE: core-27: Should AuthenticationMethods and ConfirmationMethods be listed
in the same subsection?

core-27 states for both AuthenticationMethod (lines 673-674) and
ConfirmationMethod (lines 647-648) that..

  "URIs identifying common authentication protocols are listed in Section 7."

..and we have (line 1550)  "7.1. Confirmation Method Identifiers"  containing a
list of ostensible authentication protocols -- but *are they* ??

For example, "sender vouches" is a confirmation method invented in the SAML
context and is not a well-known authentication method/mechanism. The same is
true for "SAML Artifact". 

It may be reasonable to keep all these items together in one list if each item
is explicitly identified whether it is an AuthenticationMethod, a
ConfirmationMethod, or both.  Otherwise, we should have separte lists.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC