OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xri message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [xri] Secure XRD Proposals

That's Brian and John's proposal, so I would like to defer it to them for an authoritative answer.

________________________________________
差出人: Peter Davis [peter.davis@neustar.biz]
送信日時: 2008年12月18日 22:00
宛先: Sakimura Nat
CC: xri@lists.oasis-open.org
件名: Re: [xri] Secure XRD Proposals

Out of curiosity, what was the motivation for the introduction of the
SXRD element for the signature in proposal 1?

=peterd

On Dec 17, 2008, at 8:54 PM, n-sakimura@nri.co.jp wrote:

> Hi
>
> I have created a page:
>
> http://wiki.oasis-open.org/xri/XrdOne/SecureXrd
>
> It is the result of some private message exchange among me, Brian
> and John.
>
> If we were to forget about the backward comaptibility to XRDS2.0, I
> personally like 1.2 SAML POST Simple Sign Binding style.
>
> Otherwise, I like 1.3 Backword Comaptible XRD.
>
> Related, but separet topic beside the format is whether to include
> SigAlg in a signed material. XML Sig calls for SigAlg to be included
> in the signed material citing weak algorithm attack. Then, there is
> an argument that while theoretically interesting, the real risk is
> very small.
>
> Please discuss on this as well.
>
> Actually, if we take 1.2 SAML Simple Sign Style, we can get SigAlg
> outside of XRD and still sign it, so it is quite nice.

Peter Davis: NeuStar, Inc.
Director & Distinguished Member of the Technical Staff
45980 Center Oak Plaza Sterling, VA 20166
[T] +1 571 434 5516 [E] peter.davis@neustar.biz [W] http://www.neustar.biz/
  [X] xri://@neustar*pdavis [X] xri://=peterd
The information contained in this e-mail message is intended only for
the use of the recipient(s) named above and may contain confidential
and/or privileged information. If you are not the intended recipient
you have received this e-mail message in error and any review,
dissemination, distribution, or copying of this message is strictly
prohibited. If you have received this communication in error, please
notify us immediately and delete the original message.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]