[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Authentication Method
I agree that it was a hack and may create confusion so we should clarify where possible Paul >-----Original Message----- >From: Scott Cantor [mailto:cantor.2@osu.edu] >Sent: Friday, March 12, 2004 11:07 AM >To: 'Paul Madsen'; security-services@lists.oasis-open.org >Subject: RE: [security-services] Authentication Method > > >> Not sure of the overlap, the URI (whatever the SSTC version >> is) simply indicates that the authentication context for >the assertion >> can somehow be described using the AuthnContext structure. > >Yes, but I think the use of the URI as a call-out was a hack >to deal with >the mandatory AuthnMethod. It might be the right hack, but it >still seems >odd to me. > >What I'm maybe suggesting is the ability to stick the context class >reference in as the authentication method, and then we'd have to define >context class "meaning" for the existing method URIs. Then the >context class >bit goes away as a schema bit. > >Either way, we just need to harmonize the two approaches better. > >-- Scott >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]