I know you are keen on getting the focus on authorization, but I'm not too
interested in dropping authentication and keeping authorization. Either
authent +author, or neither would be my interest.
From: Philip Hallam-Baker [mailto:pba...@verisign.com]
Sent: Monday, January 29, 2001 12:23 PM
To: 'Eve Maler'; secu...@lists.oasis-open.org
Subject: RE: What shall we name our specification(s)?
My objection to A2ML was that specifying Authentication in the name to me
implies that we would be supporting authenticated key exchange, which is
something I don't want to do in an OASIS group, that is something I would
prefer to do in a closed group of cryptographers and network security
On the other hand "Authorization Assertion Markup Language" would have the
initials A2ML, thus indicating the warm touchy feely get together vibes
people want, being clearly a descendent of S2ML and Auth XML (whose current
voting success I take note of).
Does anyone else have definite feelings towards the binding of the second A?