[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Nigel's vote Issue Group 12
ISSUE:[UC-12-01:Confidentiality] b) C&I protection is optional (but encouraged). ---------------------------------------------------------------------------- ISSUE: [UC-12-02:ConfidentialMessages] c) C&I protection shall be specified both within the SAML message format and within protocol bindings. Deployments can choose the appropriate solution. For example, SAML messages within S/MIME documents do not need message-level C&I protection, while SAML messages passed as HTTP cookies do. ---------------------------------------------------------------------------- ISSUE:[UC-12-03:EncryptionNow] a) Integrity protection shall use XML DSIG, and confidentiality protection shall not be available. In voting for this, I want make the comment, that I believe that confidentiality can and should be provided by appropriate protocol bindings. ---------------------------------------------------------------------------- ISSUE:[UC-12-04:EncryptionLater] b) SAML shall be revised to use XML Encryption. A worthy and honourable intention. Doesn't really place any immediate actions on any of the other groups.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC