OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Groups - Action Item Closed: #0330 Revise Holder-of-Key Web Browser...

OASIS Security Services (SAML) TC member,

Mr Brian Campbell has closed this action item.

Number: #0330
Description: Revise Holder-of-Key Web Browser...
Owner: Mr. Nathan Klingenstein
Status: Closed

Mr Brian Campbell  2008-05-19 19:49 GMT
from http://lists.oasis-open.org/archives/security-services/200805/msg00024.html


Nate: chose TLS because it came from standards body. Not sure
Scott: probably shouldn't go there.
Nate: didn't mean to preclude SSL, just using TLS as shorthand for the 
both of them
Scott: should write both
Hal: using SSL is actually TLS
Scott: convention is to write SSL/TLS
Hal: is there a footnote reference to the RFC
Nate: yes, in the normative refs
Hal: my suggestion is to leave it TLS, readers will know. Is there a 
demand for SSL?
Scott: is this the HTTP client talking to the IDP. if so, some HTTP 
clients make you configure one or the other.
Tom: could be handled in the introduction simply by defining what 'TLS' 
means when used in the doc. Meta comment is 'Is SSL OK'
RL Bob: SSL 2 is NOT acceptable, TLS 1.1 is most current
Ari: just say TLS
Scott: finesse it in doc, but make clear in the conformance section what 
you need to support

AI: Nate to revise Holder-of-Key Web Browser SSO Profile to make clear 
what 'TLS' means, i.e. SSL 3, TLS 1, or TLS 1.1"

View Details:

PLEASE NOTE:  If the above links do not work for you, your email application
may be breaking the link into two pieces.  You may be able to copy and paste
the entire link address into the address field of your web browser.

- OASIS Open Administration

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]