Potential Errata: Holder of Key is still broken? - Prateek Mishra - org.oasis-open.lists.security-services

9 messages in org.oasis-open.lists.security-servicesPotential Errata: Holder of Key is st...

From	Sent On	Attachments
Thomas Wisniewski	Jan 4, 2006 8:10 pm
Prateek Mishra	Jan 16, 2006 9:10 pm
Prateek Mishra	Jan 16, 2006 10:41 pm
Prateek Mishra	Jan 17, 2006 12:23 am
Eve L. Maler	Jan 17, 2006 10:08 am
Eve L. Maler	Jan 17, 2006 11:56 am
Olivier Dubuisson	Jan 18, 2006 5:10 am
Eve L. Maler	Jan 18, 2006 12:13 pm
Eve L. Maler	Jan 18, 2006 12:25 pm

Subject:	Potential Errata: Holder of Key is still broken?
From:	Prateek Mishra (prat...@oracle.com)
Date:	Jan 17, 2006 12:23:53 am
List:	org.oasis-open.lists.security-services

I recall an extensive discussion around the removal of the phrase "held by the subject" in reference to holder of key. The idea was that HoK described a key that required proof of possession by a attesting entity vs. being held by the subject,

Appropriate text does appear in lines 781-783 of saml2-core. However, lines 335-337 of saml2-profiles reads [quote] As described in [XMLSig], each <ds:KeyInfo> element holds a key or information that enables an application to obtain a key. The holder of a specified key is considered to be the subject of the assertion by the asserting party. [quote]

Proposal: replace the last sentence by

"The holder of a specified key is considered to be an acceptable attesting entity for the assertion by the relying party"

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets