RE: Updated SSO & Federated Identity use cases from Hal Lockhart on 2007-01-09 (public-wsc-wg@w3.org from January 2007)

From: Hal Lockhart <hlockhar@bea.com>
Date: Mon, 8 Jan 2007 19:49:12 -0800
To: "Sverdlov, Yakov" <Yakov.Sverdlov@ca.com>
Cc: <public-wsc-wg@w3.org>
Message-ID: <D0C847B2BD75414090045D8C7EA3D59402EAAB05@repbex01.amer.bea.com>

I guess I don't get the point of Case 4. There are literally scores of
variations on the cases 1-3 which I did not mention because the details
may or may not matter. Certainly the systems mentioned allow the Subject
Name identifier to be the same. Having them be different is the more
interesting case because:

 

A. It is more general

B. It can preserve privacy.

C. In the real world people actually possess ids with different Subject
Name Identifiers.

 

In your mind what is the critical difference in case for, other than
being yet another data flow?

 

Hal

 

________________________________

From: member-wsc-wg-request@w3.org [mailto:member-wsc-wg-request@w3.org]
On Behalf Of Sverdlov, Yakov
Sent: Monday, January 08, 2007 8:49 AM
To: member-wsc-wg@w3.org
Subject: Updated SSO & Federated Identity use cases

 

Hi,

 

I added Identity 2.0 section to the SSO & Federated Identity Wiki page.
After looking at the REST use cases, I don't think they are distinct
enough from the security context perspective, so I didn't add them to
the Wiki.

 

Regards,

 

Yakov Sverdlov

CA

Received on Tuesday, 9 January 2007 03:49:26 UTC