OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [security-services] Groups - authentication-context.pdf uploaded


On Wednesday, Oct 15, 2003, at 22:09 US/Eastern, Anthony Nadalin wrote:

> John,
>> I think there are subtle differences between authentication method,
> authentication context, and what I will call authentication context
> policy:
> Basically you have the right direction, you may have missed the point 
> that
> the domain specific policies in WS-Policy can be attestations, thus 
> policy
> can attest to authentication method and form the authentication 
> context.

 From this I gather that you agree that there is a place for 
authentication context in SAML, and that it may be distinct from 
authentication method. Certainly there is more information in 
authentication context than authentication method (a 
MobileTwoFactorContract context expresses that authentication methods 
were used in the context of a mobile phone contract, for example).

A separate question might be whether there is some overlap between the 
Authentication Context specification and WS-Policy. At this point, I 
don't know if that question is being addressed within SSTC.

- JohnK


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]