[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri-editors] RE: Trusted resolution
i think you get that when you address access control (client authentication). if we are avoiding AC, then we neccesarily should avoid client auth. As with my previous posting, i still think we need to at least advise on this subject... however, simple advice does not result in interoperability, at least in most cases (tho we could point very stringly at SAML for this) --- peterd Sakimura, Nat wrote: >Don't we need the flip side of it? i.e., Some mechanism that information >provider can be reasonably assured of the identity of the information >requester. > >Nat > >-----Original Message----- >From: Dave McAlpin [mailto:dave.mcalpin@epokinc.com] >Sent: Tuesday, May 20, 2003 7:52 AM >To: 'Wachob, Gabe'; xri-editors@lists.oasis-open.org >Subject: RE: [xri-editors] RE: Trusted resolution > >Let's change "Specification of the actual mechanism for trusted >resolution >may be out of scope for this effort." to "Specification of the actual >mechanism for trusted resolution may be outside the scope of this TC." > >-----Original Message----- >From: Wachob, Gabe [mailto:gwachob@visa.com] >Sent: Monday, May 19, 2003 3:51 PM >To: xri-editors@lists.oasis-open.org >Subject: RE: [xri-editors] RE: Trusted resolution > >Looks fine to me. > > -Gabe > > > >>-----Original Message----- >>From: Dave McAlpin [mailto:dave.mcalpin@epokinc.com] >>Sent: Monday, May 19, 2003 3:43 PM >>To: xri-editors@lists.oasis-open.org >>Subject: [xri-editors] RE: Trusted resolution >> >> >>I still haven't gotten the ok to distribute the trusted >>resolution proposal, >>but I also had an action item to provide alternative text for >>section 4.9 of >>the requirements doc. How's this? >> >>The XRI specification must ensure that the specified >>resolution mechanism(s) >>can be extended to provide trusted resolution. Trusted >>resolution in this >>context means the relying party (i.e. the party requesting >>resolution) can >>trust that the result of resolution is correct as defined by >>the resource's >>controlling identifier authority. Specification of the actual >>mechanism for >>trusted resolution may be out of scope for this effort. Data >>confidentiality >>and access control are explicitly outside the scope of this >>requirement. >> >> >> >>--------------------------------------------------------------------- >>To unsubscribe, e-mail: xri-editors-unsubscribe@lists.oasis-open.org >>For additional commands, e-mail: xri-editors-help@lists.oasis-open.org >> >> >> > >--------------------------------------------------------------------- >To unsubscribe, e-mail: xri-editors-unsubscribe@lists.oasis-open.org >For additional commands, e-mail: xri-editors-help@lists.oasis-open.org > > > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: xri-editors-unsubscribe@lists.oasis-open.org >For additional commands, e-mail: xri-editors-help@lists.oasis-open.org > >--------------------------------------------------------------------- >To unsubscribe, e-mail: xri-editors-unsubscribe@lists.oasis-open.org >For additional commands, e-mail: xri-editors-help@lists.oasis-open.org > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]