OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [wss] OTP and the "charter" discussion.

> So then as I understand it we would do an OPT profile 
> framework that would mandate support for OATH HMAC OTP in 
> order to guarantee we could do interopt testing.  Is that 
> what you are proposing?  

No, that is not what I propose.

I was thinking more along the lines that interop testing 
requires implementation of a set of mechanisms defined -- 
the implementer would simply decide which scenarios to 
participate in and then implement accordingly.  

The size of the set of scenarios depends on the activities of 
the working group.  Isn't this how WS-Security proper interop 
is done?

My reaction to your statement was that you didn't recognize
that the framework we propose is not "only a framework for 
proprietary mechanisms."

> ________________________________
> From: Granqvist, Hans [mailto:hgranqvist@verisign.com]
> Sent: Thu 29/09/2005 16:16
> To: Paul Cotton; Linn, John; Frederick Hirsch; Philpott, Robert
> Cc: Kelvin Lawrence; wss@lists.oasis-open.org
> Subject: RE: [wss] OTP and the "charter" discussion.
> > In fact how would you do interop testing if the profile is only a 
> > framework for proprietary mechanisms?
> OATH HMAC OTP [1] is published in IETF.  Do you classify that 
> as proprietary?
> Hans
> [1]
> http://www.ietf.org/internet-drafts/draft-mraihi-oath-hmac-otp-04.txt

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]