OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-use message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Nigel's vote Issue Group 12

ISSUE:[UC-12-01:Confidentiality]

b) C&I protection is optional (but encouraged).

----------------------------------------------------------------------------

ISSUE: [UC-12-02:ConfidentialMessages]

c) C&I protection shall be specified both within the SAML message format and
within protocol bindings. Deployments can choose the appropriate solution.
For example, SAML messages within S/MIME documents do not need message-level
C&I protection, while SAML messages passed as HTTP cookies do.

----------------------------------------------------------------------------

ISSUE:[UC-12-03:EncryptionNow]

a) Integrity protection shall use XML DSIG, and confidentiality
protection shall not be available.

In voting for this, I want make the comment, that I believe that
confidentiality can and should be provided by appropriate protocol
bindings. 

----------------------------------------------------------------------------

ISSUE:[UC-12-04:EncryptionLater]

b) SAML shall be revised to use XML Encryption.

A worthy and honourable intention. Doesn't really place any immediate
actions on any of the other groups.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC