OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Moving subjects up to assertions (disregardfirst reply)

> And... SubjectLocality, in the AuthenticationStatement, kinda relates to 
> a Subject - which would no longer be present in the statement itself. 
> Again, that seems a bit strange.

Well, SubjectLocality is nominally data about the authentication event. It's
definitely at least a cousin of SubjectConfirmation in terms of actual use
(checking client addresses during SSO), but I don't know that it doesn't
still belong in AuthenticationStatement independent of that use.

If we start arguing everything related to a Subject shouldn't be in the
statements, it's really arguing to eliminate statements and collapse the
data model. I didn't originally push hard for this wholesale optimization
for exactly that reason, I saw a slippery slope.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]