[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] SSO validity period
RL 'Bob' Morgan wrote on 4/6/2004, 11:21 AM: > > I'm not sure which "this window" you're referring to, but I think that > even if stolen bearer token issues go away in the scenario you > describe, there is still a need for a generic validity period > (as described in my other note, the "throw-away-after" date) in > this case. That was the time period that I was referring to in "this window". I agree that we need to support such a window, but I do not think it should be mandatory to have it specified. Conor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]