[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Notion of session: picture
I got to thinking visually and produced the following .ppt diagram of what the model for our specification looks like in my mind. I've included core tokens, how the flow from services to applications through request/response XML protocols, and how they are transmitted via protocol bindings from one application to another. I've also included in dotted lines my notion of the two places where a notion of session would be appropriate -- one in the protocol binding layer (specified by us) and the other in the pre-existing communcations protocol infrastructure (specified by others and relied upon by us). I've also distinguished visually between "tokens" which are just the raw assertion, and "bound tokens" which might also be signed etc... in order to protect them appropriately for their environment of intended use (this was the substance of my discussion about making signatures optional on the main mailing list). I hope the diagram is helpful. I'm attaching both the .ppt source and a .pdf (See attached file: OASIS-model.ppt) (See attached file: OASIS-model.PDF) --bob Bob Blakley Chief Scientist, Security Tivoli Systems, Inc.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC