OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [security-services] AI 60 - Dynamic Session Material

I would just note that I reviewed this presentation, and the earlier  
session materials forwarded to the list by Jason. I believe that the  
use-case/requirements document that I wrote (draft 02) currently  
uploaded in Kavi covers all of the requirements mentioned in  these  
materials. I would appreciate some review (in particular from you,  
Hal). Several of the requirements are covered by the existing work on  
Single Logout in Liberty (and are marked as such in the requirements  
document) but, in particular, no timeouts are specifically covered in  
the Liberty work.

The concept of a Session Authority as potentially separate from an  
Authentication Authority deserves some thought in particular - if we go  
this route, we may need to think carefully about the link between a  
session and authentication in SAML (and how we model it in the  
protocol). Also, understanding the interaction between a local session  
and some session that is shared between multiple service providers is  


- JohnK

On Tuesday, Oct 14, 2003, at 13:01 US/Eastern, Hal Lockhart wrote:

> Here is a presentatioon I made to the TC back in August 2001 on Dynamic
> Sessions.
> Hal
> <Dynamic Sessions.ppt>To unsubscribe from this mailing list (and be  
> removed from the roster of the OASIS TC), go to  
> http://www.oasis-open.org/apps/org/workgroup/security-services/ 
> members/leave_workgroup.php.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]