- From: Krishna Sankar <ksankar@cisco.com>
- Date: Wed, 24 Jul 2002 20:40:04 -0700
- To: "'Joseph Hui'" <Joseph.Hui@exodus.net>, <www-ws-arch@w3.org>
Joe, It could be the assertion (2.3.2) consisting of AutnZ decision statement(s) Sections 2.4.4, 3.3.5 of the SAML spec http://www.oasis-open.org/committees/security/docs/cs-sstc-core-01.pdf cheers | -----Original Message----- | From: www-ws-arch-request@w3.org | [mailto:www-ws-arch-request@w3.org] On Behalf Of Joseph Hui | Sent: Wednesday, July 24, 2002 7:18 PM | To: www-ws-arch@w3.org | Subject: SAML's authZ token? | | | | Hi all, | | I recall someone from the WSAWG mentioned something | to the effect of "using SAML"s authorization token" | a while ago. (It had to be "SAML's," as I remember, | because "Passport's" or "Liberty Alliance's" or | something else's would have been locked into other | cells of my memory.) | | I'm having difficulty locating where and what SAML does | about Authorization. I did read the "Sec & Privacy Cons | for SAML" doc, which a colleague of mine cc'ed me a week | prior to the last F2F, circa June. AuthZ was not there. | Was I missing something or simply misinformed? | | Thanks, | | Joe Hui | Exodus, a Cable & Wireless service | |
Received on Wednesday, 24 July 2002 23:41:11 UTC