
wss message


Subject: RE: [wss] proposed terminology addition to STP - impersonation

I don't see any definition of impersonation in the SAML Glossary. But more to the point, the reason I asked Ron to include a definition of impersonation was that at the time he and Rich Levinson were defining a protocol in the SAML profile, which used impersonation. This I felt would lead users to assume that using the impersonation capability would be equivalent to using delegation, since the difference between the two is subtle to the uninitiated. In fact, the two are quite different in that in delegation the delegator should be able to say who can act as delegatees for him and to limit what activities the delegatees can perform in the delegator's name. Impersonation says that anyone can do anything in the name of the impersonated entity. However, since this addition to the specification is not being incorporated, I withdraw my request.
-----Original Message-----
From: Anthony Nadalin [mailto:drsecure@us.ibm.com]
Sent: Tuesday, March 09, 2004 4:56 PM
To: 'wss@lists.oasis-open.org'
Subject: Re: [wss] proposed terminology addition to STP - impersonation

Can't you just put a reference to the SAML Glossary in the appendix and thus not define duplicate terms?

Anthony Nadalin | work 512.838.0085 | cell 512.289.4122

From: Ron Monzillo <Ronald.Monzillo@Sun.COM>
Sent: 03/09/2004 09:15 AM
To: "'wss@lists.oasis-open.org'" <wss@lists.oasis-open.org>
Subject: [wss] proposed terminology addition to STP - impersonation

Donn Flinn asked that a definition of impersonation be added to the
terminology section of the SAML token profile.

I propose that the following line be added (at about line 183).

Impersonation – occurs when the attesting entity is not the subject of
the assertions.

where attesting entity is already defined as:

175 Attesting Entity – the entity that provides the confirmation
evidence that will be used to establish the correspondence between the
subject of SAML subject statements (in SAML assertions) and SOAP
message content.
