wss message
Subject: Re: [wss] Revised WSS OTP-Token proposal
- From: Kelvin Lawrence <klawrenc@us.ibm.com>
- To: "Linn, John" <jlinn@rsasecurity.com>
- Date: Tue, 27 Sep 2005 17:39:22 -0500
John and Hans, thank you for taking the time to update and re-post your proposal.

TC Members, now that we have a modified proposal in front of us, what do people think? I would very much like to see some discussion here so that we can be effective on the call on Tuesday.

Thanks to those of you that have already posted your views.

Cheers
Kelvin

"Linn, John" <jlinn@rsasecurity.com> wrote on 09/27/2005 10:48:05 AM:
> Following last week's discussion, we'd like to offer the following
> revised version of the OTP-Token proposal for consideration by the TC:
>
> RSA Security and VeriSign would like to propose a new work item for the
> WSS TC, defining a WSS profile for use of One-Time Password (OTP)
> authentication. The intended goal is to accommodate a broad range of
> OTP technologies within the WSS framework. While conceptually similar
> to the existing UsernameToken profile, this profile would support
> transport of OTP-related ancillary information (e.g., PINs, challenges,
> counters, device and algorithm identifiers) in conjunction with
> authentication requests in order to provide comprehensive support for
> OTP methods within the WSS/SOAP environment.
>
> We anticipate that the profile will accommodate OTP methods including
> (but not limited to) OATH HOTP, RACF PassTickets, RSA SecurID(r)
> authenticator token devices, and other candidates that may be identified
> within the TC. While IPR claims may apply to underlying OTP methods that
> the profile may support, the proposers intend that the constructions to
> be defined in the profile itself be unencumbered.
>
> This profile would be functionally comparable to other profiles defined
> within the WSS TC, so we believe it is appropriate to standardize within
> the same forum. We propose that this activity be undertaken as a
> general TC work item, comparable to other profiles addressed by the TC,
> rather than within a distinct subcommittee. It is not the proposers'
> intent that this work item be incorporated into WSS 1.1, or that it
> delay TC progress on that release.
>
> We anticipate that existing and related work will be available as input
> for this task. The One-Time Password Specifications (OTPS,
> http://www.rsasecurity.com/rsalabs/otps)
> initiative, coordinated by RSA Security, has produced an OTP-WSS-Token
> specification which has evolved in response to public review and
> comment. RSA Security proposes to submit a version of this document as
> input to the WSS TC.
>
> VeriSign, in conjunction with the Open Authentication initiative (OATH,
> http://www.openauthentication.org) is also producing work related to an
> OTP token profile. We anticipate that versions of these input documents
> will be ready for OASIS submission by or during October 2005. We propose
> that the results of these efforts, along with any other inputs which may
> be received through the OASIS process, be harmonized under WSS TC
> auspices.
>
>
> John Linn, RSA Security
> Hans Granqvist, VeriSign