[15037] in cryptography@c2.net mail archive
Re: Ousourced Trust (was Re: Difference between TCPA-Hardware
daemon@ATHENA.MIT.EDU (Anne & Lynn Wheeler)
Sat Dec 27 00:31:47 2003
X-Original-To: cryptography@metzdowd.com
Date: Tue, 23 Dec 2003 14:52:14 -0700
To: Rich Salz <rsalz@datapower.com>
From: Anne & Lynn Wheeler <lynn@garlic.com>
Cc: Anne & Lynn Wheeler <lynn@garlic.com>, cryptography@metzdowd.com
In-Reply-To: <3FE89121.3030605@datapower.com>
At 02:01 PM 12/23/2003 -0500, Rich Salz wrote:
>If so, then I believe that we need a federated identity and management
>infrastructure. The difference is that the third-party PKI enrollment
>model still doesn't make sense, and organizations will take over their own
>identity issues, as with SAML and Liberty. Once you do that, adding
>"publicKey" as just another attribute is no big deal. With any luck, the
>new year will bring the analogy SOAP::other middleware as SAML::x.509 :)
the one detailed presentation that I've so far seen of a SAML based product
.... looked like it had exactly the same message flows description that I
sat thru in a Kerberos project audit in the '80s. I asked the guy making
the presentation about the similarity to Kerberos message flows and he said
something to the effect of ah yes, kerberos.
random kerberos refs:
http://www.garlic.com/~lynn/subpubkey.html#kerberos
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com