OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-use message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: Credential "Negotiation" Complexity

> I find this example strange.  If it is a "fact" that an 
> Assistant Professor of Computer Science
> implies a Phd in the same subject, why did not the AP 
> provided the credential asked for?
> Regardless of scheme used, all parties must agree on format 
> and exact semantics of
> credentials. 

I was trying to illustrate that the policy of credentials mapping (response,
negotiation) may not be that simple. 

I do not agree that agreement on semantics is even remotely likely.

A more real world example: I decide, perhaps unlaterally or perhaps based on
an agreement with Amex, that all Amex Gold Card members will be allowed
special privileges on my Web site. All I want to know from Amex is "is this
guy a Gold Card Holder?" Does Amex have any idea what I will allow the user
to do? No. Perhaps tomorrow only Platinum card holders will have special
privileges and gold and regular customers will be treated the same. Perhaps
Amex will change the criteria for getting a Gold or Platinum card on the
next day.

I do not consider this agreement on exact semantics.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC