[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Additional comments on core-02
Scott Cantor wrote on 11/1/2004, 11:32 AM: > > If this is what was meant, does this imply that when there is a name > > identifier, the entity that satisfies the subject confirmation > cannot be > > treated as the entity that > > the authority associates with the claims in the assertion? > > That's certainly not my intent. Rob? The statements in the assertion are about the name identifier. The subject confirmation is about who can present the assertion. The name identifier may be the name for the entity that can do the confirmation (in which case the statements also happen to be about the confirming entity since that entity is in the name identifer). Statements are about a subject. Subject confirmation is about who can confirm the subject (and hence, present the assertion). In order for statements to be about the confirmer, the subject must also specify the confirmer. Conor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]