OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Session Token Profile

I have submitted a draft of a Profile for communicating session state amongst web servers via cookies. I have asked the chairs to put it on the Agenda for the next call for some preliminary discussion. It has already been shown to a few people off list. I hope to spur discussion and drive adoption once it is complete.

My thanks to F5 Networks, who has given permission for me to cite them as supporting this Profile. Lloyd Burch of Novell is looking into helping me edit the document.

It is my belief that this Profile will provide standard syntax to support the session management algorithms already in use. I expect that its security characteristics will be the same as existing proprietary solutions.

I have left comments in the document in several places where I am not sure how much to standardize and how much to leave as deployment options.

Feel free to comment.

Hal

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]