OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Groups - sstc-saml-sec-consider-2.0-draft-03-diff.pdf uploaded

The document sstc-saml-sec-consider-2.0-draft-03-diff.pdf has been submitted by Frederick Hirsch (frederick.hirsch@nokia.com) to the OASIS Security Services TC document repository.

Document Description:
Added SAML 1.1 security considerations for POST and Artifact bindings. Added draft for URI binding substitution threat. Added reauthentication related threat for SSO profile. Added PAOS binding denial of service threat and  ECP threat text. Made ciphersuite recommendations consistent with Bindings spec. Added SSL/TLS server authentication statement. Per F2F removed reliable messaging statement, replaced DoNotCacheCondition with OneTimeUse. Updated references, including RFC3552 and Shib URL. Editorial  structured sections to remove depth, match bindings and profiles. Uniform threats and countermeasures headings. Spelling/typos.

Also uploaded Open Office source and non-diffd pdf (http://www.oasis-open.org/apps/org/workgroup/security/download.php/7378/sstc-saml-sec-consider-2.0-draft-03.pdf)

Download Document:  

View Document Details:

PLEASE NOTE:  If the above links do not work for you, your email application
may be breaking the link into two pieces.  You may be able to copy and paste
the entire link address into the address field of your web browser.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]