OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [security-services] Proposal to add new AuthenticationMethod

With this email I'd like to propose that we add an identifier for Secure
Remote Password (SRP) protocol (specified in RFC 2945) to the list of
AuthhenticationMethods. Brifely, SRP is based on Diffie-Hellman and
provides a more secure way of authenticating based on a password (or for
that matter any number of secrets).  The proposed change would be to add
the following to section 7.1 of Core:

Secure Remote Passowrd (SRP)
URI: urn:oasis:names:tc:SAML:1.0:am:SRP 
The authentication was performed by means of Secure Remote Password
protocol as specified in RFC 2945


Jahan Moreh
Chief Security Architect
tel: 310.286.3070
fax: 310.286.3076

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC