OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services]Groups-draft-sstc-solution-profile-soap-02.pdfuploaded

>I agree that there is a significant subset(superset?) of what we are
>about that applies generally no matter what authentication mechanism is

I meant further that in the simple use case of a client authenticating to
the authority to get an assertion for itself, this is a basic SOAP exchange
that's not much different than submitting a purchase order. IOW it's
orthogonal to some extent in both the authentication and application axes.

>Perhaps part of the confusion is, as has been pointing out previously by
>Salz and yourself, the lack of consistent use of the terms profile,
>and protocol. We are just trying to make sure that the SAML
>protocols/bindings/profiles are factored in a way that enables and
>appropriately leverages use of WSS in a SOAP Binding/Profile or whatever
>want to call it. 

Agreed. We just have to protect the independence of the spec such that one
can use but doesn't have to use WSS to represent or secure the various
entities and exchanges.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]