OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-use message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: ISSUE:[UC-12-01:Encryption] (was RE: Comments on Straw Man 2:Protection of message contents)


Sorry if I suggested that we could vote on this issue before the F2F - for a
while there I was thinking there would be more time between straw man 3 and
the F2F.

Thanks for the effort.


> -----Original Message-----
> From: Irving Reid [mailto:Irving.Reid@baltimore.com]
> Sent: Monday, February 26, 2001 8:10 PM
> To: security-use@lists.oasis-open.org
> Subject: ISSUE:[UC-12-01:Encryption] (was RE: Comments on Straw Man 2:
> Protection of message contents)
> This clearly can't be ready for ballot before the F2F, but I thought I'd
> respond to Darren's suggestion. What follows is my modified suggestion for
> issue ballot text:
> ISSUE:[UC-12-01:Encryption] UC-9-02:PrivacyStatement addresses the
> importance of sharing data only as needed between security zones (from
> asserting party to relying party). However, it is also important that data
> not be available to third parties, such as snoopers or untrusted
> intermediaries.
> One possible solution for implementors is to use secure channels between
> relying party and asserting party. Another is to use encryption,
> either with
> a shared secret or with public keys.
> Possible Resolutions:
> 1) Include an allowance for explicit use of encryption, such as XML
> Encryption (http://www.w3.org/Encryption/2001/), within SAML
> messages. SAML
> messages could then be transferred securely on any protocol.
> 2) Specify security properties in the Bindings documents. Each
> binding must
> include a description of how the privacy and integrity of SAML
> messages can
> be protected within that binding. Examples: S/MIME for MIME, HTTP/S for
> ------------------------------------------------------------------
> To unsubscribe from this elist send a message with the single word
> "unsubscribe" in the body to: security-use-request@lists.oasis-open.org

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC