OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-use message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: FW: My votes attached

I sent these to Darren and Prateek, and then had an airline-enforced 48 hour
email hiatus during which it was pointed out that I should have sent them to
the list...

-----Original Message-----
From: Irving Reid 
Sent: Friday, February 23, 2001 5:43 PM
To: Darren Platt; Mishra, Prateek
Subject: My votes attached



 - irving -


Group 1: Single Sign-on Push/Pull Variations

ISSUE[UC-1-01:Shibboleth]
1. The above list of issues, combined with the strawman 2 document,
address the requirements of Shibboleth, and no further investigation
of Shibboleth is necessary. Close this issue.

ISSUE[UC-1-02:ThirdParty]
1. Edit the current third-party use case scenario to feature passing
a third-party authentication assertion from one destination site to another.

ISSUE[UC-1-03:ThirdPartyDoable]
2. The use case scenario is implementable, and whether it should stay
in the document or not should be decided based on other factors.

ISSUE[UC-1-04:ARundgrenPush]
3. Do not add this use case scenario to the use case document.

ISSUE[UC-1-05:FirstContact]
1. Add this use case scenario to the use case document.

ISSUE[UC-1-06:Anonymity]
1. Add this requirement to the use case and requirement document.

ISSUE[UC-1-07:Pseudonymity]
1. Add this requirement to the use case and requirement document.

ISSUE[UC-1-08:AuthZAttrs]
1. Edit the use case scenarios to specify passing authz attributes
with authentication documents for the SSO scenarios.

ISSUE[UC-1-09:AuthZDecisions]
1. Edit the use case scenarios to use the term "authz
decision" and add the [R-AuthZDecision] requirement.

ISSUE[UC-1-10:UnknownParty]
2. Do not add this use case scenario to the use case document.

ISSUE[UC-1-11:AuthCEvents]
1. Edit the use case scenarios to specifically define when authc event
descriptions are transferred, and edit the R-AuthC requirement.

Issue: [UC-3-1:UserSession]
2. Do not add this requirement and/or use cases

ISSUE:[UC-3-02:ConversationSession]
1. Do not pursue this requirement as it is not in scope.

ISSUE:[UC-3-03:Logout]
2. Do not add this requirement and/or use cases

Issue: [UC-3-6:Destination Logout]
2. Do not add this requirement and/or use cases

Issue: [UC-3-7:Logout Extent]
1. Logout from destination web site is local to destination [DavidO recommendation]

ISSUE:[UC-3-04:StepUpAuthc]
2. Step up Authentication is not a requirement. Close the issue.

ISSUE:[UC-3-05:SessionTimeout]
2. Do not add this requirement and/or use cases

Issue: [UC-3-8:Destination Timeout]
2. Do not add this requirement and/or use cases

ISSUE:[UC-5-03:AuthCThrough]

(a) Resolution: Yes/No
Yes.

(b) Resolution: Yes/No
No.

(c) Resolutiom: Yes/No
No.
-------------------------------------------------------------------
ISSUE:[UC-5-02:SASL]

Resolution: Yes/No
Yes.

[SASL] RFC 2222:
---------------------------------------------------------------------

[ISSUE:[UC-5-01:AuthCProtocol] 

(a) Resolution: Yes/No
Yes.

(b) Resolution: Yes/No
Yes.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC