[
Lists Home |
Date Index |
Thread Index
]
> 2) Create a cartel of like-minded businesses, based upon agreed uses of data
>interchanged, from which each party can assure itself that a requester of data has a
>need-to-know which the supplier of that data considers legitimate. This is the model
>for which Messrs. Chiusano and Cavnar-Johnson are discussing the implementation
>logistics of 'X.509 certs, SAML, Kerberos tickets, etc.'
>
Except for part of the original query saying "how could I add this to
WSDL," nothing in this dicussion thread has limited how data can be
used. Most of the discussion has been about how to present
authentication information. Authorization hasn't entered into it. SAML
et al aren't limited to your model described above. Authenticating the
parties can be orthogonal to the data and how it's being used, ya know.
/r$
|