OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [security-services] disposition of the HoK profiles

On Sun, Jul 5, 2009 at 6:19 PM, Scott Cantor<cantor.2@osu.edu> wrote:
> Tom Scavo wrote on 2009-07-05:
>> My earlier argument for an implementer of the HoK Web Browser SSO
>> Profile is an example---you do nothing.  The HoK Web Browser SSO
>> Profile can forever and always depend on CS-01 of the HoK Assertion
>> Profile.  It doesn't matter what changes are subsequently made in
>> CS-02 of the latter.
> Right, but by implication I have to process the confirmation method wthin
> the context of the dependent profile, and not in a sharable component that
> might be applicable to others.
> Not saying that's a big problem, but I was trying to explain what I thought
> the drawback was.

And I appreciate your comment, Scott, thanks.  Others should chime in
as well.  Hal's initial reaction on the call was to NOT take the HoK
Assertion Profile to CS at this time, so maybe it's not such a good
idea in general.  I'm proposing we do it since I can't see a good
reason not to, but I may be missing something.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]