[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: DaveO votes issue group 12
ISSUE:[UC-12-01:Confidentiality] c) C&I protection is unsupported. I don't know how to deal with "optional" things in spec, nor encourage. ---------------------------------------------------------------------------- ISSUE: [UC-12-02:ConfidentialMessages] c) C&I protection shall be specified both within the SAML message format and within protocol bindings. Deployments can choose the appropriate solution. For example, SAML messages within S/MIME documents do not need message-level C&I protection, while SAML messages passed as HTTP cookies do. I do want to make sure that for each protocol it is specified, ie if using HTTP, then HTTPS is the mechanism. If using MIME, then S/MIME. If using cookie then xyz. ---------------------------------------------------------------------------- ISSUE:[UC-12-03:EncryptionNow] Abstain. I don't know enough about the various options. ---------------------------------------------------------------------------- ISSUE:[UC-12-04:EncryptionLater] a) SAML shall continue to use the C&I method specified in ISSUE:[UC-12-03:EncryptionNow]. There is no mandate we can place on the WG, we can't bind our WG to anything in the future Dave Orchard XML Architect Jamcracker Inc., 19000 Homestead Dr., Cupertino, CA 95014 p: 408.864.5118 m: 604.908.8425 f: 408.725.4310 www.jamcracker.com - Sounds like a job for Jamcracker.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC