[OGSA-AUTHZ] SAML AuthZ Service / Web Services Security X.509 Certificate Token Profile
Von Welch
vwelch at ncsa.uiuc.edu
Thu Jan 20 19:57:54 CST 2005
Markus Lorch writes (09:51 January 20, 2005):
> Hi all,
>
> the SAML AuthZ Service document in section 6.1 requires us to
> use the Web Services Security X.509 Certificate Token Profile
> to encode certificate paths. I have been keeping my eyes open
> for an implementation of this standard for the last few months
> with no success.
This isn't technically correct as the encoding of the certificate
chain is a SHOULD not a MUST.
I just checked with Rachana and GT does not include the
SubjectConfirmation element, so no help there.
> Do any of you know of an implementation or are working on one?
> (e.g. for the delegation service?) Do you have other implementations/
> standards to encode certificate paths via XML?
>
> Btw, the reference to this standard in the document needs
> updating, the standard was finalized in the Spring of 2004, it
> is no longer a draft. - There is an old "Editor's note"
> in section 6.1.2 SubjectConfirmation Element from Von that
> can also be taken out. Maybe this can be fixed before its
> submitted to the editor (otherwise I'll repost in public comment)
Thanks. I don't think it has been submitted yet, I've made these
corrections in my latest version in any case.
Von
> Thanks
>
> Markus
>
>
> ----------------------------------------------------------------
> Markus Lorch
> Department of Computer Science Phone: +1 540 231 5914
> Virginia Tech, m/c 106 Fax: +1 540 231 6075
> Blacksburg, VA 24061, U.S.A. http://people.cs.vt.edu/~mlorch
More information about the ogsa-authz-wg
mailing list