OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-use message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: Issue Group 1 - SSO - Straw Ballot

Hi Nigel,

> Thanks for this - you've obviously done a lot of work.

Must mention Evan here - he was a big help.

As far as your suggested change to the straw ballot, I agree and will change
the requirement from ...

> >   [R-Anonymity] [OSSML] will allow assertions to be made about
> >   anonymous principals.

... to ...

> [R-Anonymity] [OSSML] will allow assertions to be made about anonymous
> principals, where "anonymous" means that an assertion about a
> principal does not include an attribute uniquely identifying the
> principal (ex: user name, distinguished name, etc.).

... unless someone objects.

Thanks,

Darren



> -----Original Message-----
> From: Edwards, Nigel [mailto:Nigel_Edwards@hp.com]
> Sent: Friday, February 16, 2001 1:08 AM
> To: UseCaseList
> Subject: RE: Issue Group 1 - SSO - Straw Ballot
>
>
> Hi Darren,
> Thanks for this - you've obviously done a lot of work.
>
> In the text you have the following.
> >
> > ISSUE[UC-1-06:Anonymity] What part does anonymity play in [OSSML]
> > conversations? Can assertions be for anonymous parties? Here,
> > "anonymous" means that an assertion about a principal does not include
> > an attribute uniquely identifying the principal (ex: user name,
> > distinguished name, etc.).
> >
> > A requirement for anonymity would state:
> >
> >   [R-Anonymity] [OSSML] will allow assertions to be made about
> >   anonymous principals.
>
> I request that this requirement be rephrased as:
>
> <rephrase>
> [R-Anonymity] [OSSML] will allow assertions to be made about anonymous
> principals, where "anonymous" means that an assertion about a
> principal does not include an attribute uniquely identifying the
> principal (ex: user name, distinguished name, etc.).
> </rephrase>
>
> The reason for this, is that I believe it is important to make sure
> what we mean by anonymous is not lost. In my opinion, other
> definitions of anonymous, make this requirement unworkable.
>
> Thanks and regards,
> Nigel.
>
> ------------------------------------------------------------------
> To unsubscribe from this elist send a message with the single word
> "unsubscribe" in the body to: security-use-request@lists.oasis-open.org
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC