OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   Re: [xml-dev] Blended Authentication (AKA "Granular Access Control")

[ Lists Home | Date Index | Thread Index ]


>    2) Create a cartel of like-minded businesses, based upon agreed uses of data
>interchanged, from which each party can assure itself that a requester of data has a
>need-to-know which the supplier of that data considers legitimate. This is the model
>for which Messrs. Chiusano and Cavnar-Johnson are discussing the implementation
>logistics of 'X.509 certs, SAML, Kerberos tickets, etc.'
>
Except for part of the original query saying "how could I add this to 
WSDL," nothing in this dicussion thread has limited how data can be 
used. Most of the discussion has been about how to present 
authentication information.  Authorization hasn't entered into it.  SAML 
et al aren't limited to your model described above.  Authenticating the 
parties can be orthogonal to the data and how it's being used, ya know.
    /r$






 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS