OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [security-services] suggested HoK URIs and namespace prefixes

On Mon, Aug 18, 2008 at 5:40 PM, Scott Cantor <cantor.2@osu.edu> wrote:
> The relevant distinctions tend to be more about the difference (if any)
> between the relying party and the requester.
> As an example, there's no good reason why a profile has to address whether
> one user can request a token to act as another. That's policy. The messages
> would be the same (structurally) in either case.

I'm not following you, Scott.  In draft-02, I'm assuming that the
presenter is the subject.  This covers Nate's profile and the
nonbrowser use case I have in mind.  Can you give an example of a use
case that does not involve the subject but still utilizes
holder-of-key?  Are you referring to the delegation issue that Eve
raised earlier?


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]