RE: [security-services] Draft SSTC Meeting Minutes - 15-Jul-2008 w/Roll Call (attendance) - Scott Cantor - org.oasis-open.lists.security-services

5 messages in org.oasis-open.lists.security-servicesRE: [security-services] Draft SSTC Me...

From	Sent On	Attachments
=JeffH	Jul 15, 2008 7:02 pm
Tom Scavo	Jul 15, 2008 8:19 pm
Scott Cantor	Jul 16, 2008 8:03 am
Tom Scavo	Jul 16, 2008 3:24 pm
Scott Cantor	Jul 17, 2008 7:47 am

Subject:	RE: [security-services] Draft SSTC Meeting Minutes - 15-Jul-2008 w/Roll Call (attendance)
From:	Scott Cantor (cant...@osu.edu)
Date:	Jul 16, 2008 8:03:51 am
List:	org.oasis-open.lists.security-services

sc: no fundamental disagreement w/Nate, but there is a question (ques) wrt rules for requesting SubjectConfirmation (SubjConf), there's a ques wrt syntax rules for requiring a HOK assertion -- so there's a ques on whether or not one always needs to pass SubjConf data in a request, and perhaps the same thinking applies to queries

Just to clarify, I believe Scott was saying that he and I were in fundamental agreement (which I think is a fair statement). Evidently Nate hasn't had a chance to review the comments or the discussion.

Yes, that's what I meant. I didn't think there was any major contentious debate in that thread, just discussing alternatives and noting possible issues.

I will say though, and we didn't talk about it on the call, that the whole issue of overlapping endpoints and the use of metadata probably needs some discussion.

I don't have strong opinions about a "right" way to do it, but I can certainly answer questions about how you can or can't do it.

-- Scott

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets