OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Authentication Method

I agree that it was a hack and may create confusion so we should clarify
where possible

>-----Original Message-----
>From: Scott Cantor [mailto:cantor.2@osu.edu]
>Sent: Friday, March 12, 2004 11:07 AM
>To: 'Paul Madsen'; security-services@lists.oasis-open.org
>Subject: RE: [security-services] Authentication Method
>> Not sure of the overlap, the URI (whatever the SSTC version 
>> is)  simply indicates that the authentication context for 
>the assertion 
>> can somehow be described using the AuthnContext structure. 
>Yes, but I think the use of the URI as a call-out was a hack 
>to deal with
>the mandatory AuthnMethod. It might be the right hack, but it 
>still seems
>odd to me.
>What I'm maybe suggesting is the ability to stick the context class
>reference in as the authentication method, and then we'd have to define
>context class "meaning" for the existing method URIs. Then the 
>context class
>bit goes away as a schema bit.
>Either way, we just need to harmonize the two approaches better.
>-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]