RE: [security-services] Re: comments re draft-sstc-metadata-iop-02

["Scott Cantor" <cantor.2@osu.edu>]

> I know you dislike the phrase "PKI" but the fact is that you are
> building a SAML-based PKI (as opposed to an X.509-based PKI) using
> SAML metadata.

I agree (allowing that in theory this profile doesn't require assymmetric
keys), but I believe the term PKI has been more or less permanently poisoned
by X.509. I think it might be more harmful to understanding than helpful to
try to apply the term, however correct it might be.

I guess I could live with "SAML V2.0 Metadata Profile for Federation and Key
Exchange". I can't say I like it, and so far I haven't heard anybody else
speak up on either side of this question.

-- Scott