- From: Jason Crawford <nn683849@smallcue.com>
- Date: Sun, 22 Sep 2002 22:37:14 -0400
- To: "Dyer, Kevin" <kevin.dyer@matrixone.com>
- Cc: "'Clemm, Geoff'" <gclemm@Rational.Com>, Webdav WG <w3c-dist-auth@w3c.org>
> With this as the problem statement, I believe that we need to look outside of > our own protocol here and take a look at one or more protocols that o= nly deal > with the authentication and authorization of users and systems. Why d= oes WebDAV > have to come up with the whole package themselves? If we look at the = SAML > specifications for a moment, it provides the ability to request from = a server > what a particular user is asking for and get back a complete answer. = Yes, it is > another call but the user is guaranteed to have a complete answer as = to > authentication and authorization across a large circle of influence. = By > adopting SAML as the back-end mechanism we will also pick up a true single > sign-on capability for WebDAV, something we've talked about and allud= ed to but > have not considered it in the RFC. > > =A0=A0=A0=A0=A0=A0=A0 =A0=A0=A0=A0=A0=A0=A0 =A0=A0=A0=A0=A0=A0=A0 Com= ments, rocks, bottles, or stones? SAML is probably pretty good, but our needs appear to be minimal (or le= ss) and as you can see from Geoff's posting, providing that capability in some = form would probably be trivial. That doesn't mean that clients shouldn't/can't use= SAML. They can if they want. But it's not something that is generally required to= achieve the WebDAV functionality and interoperability, at least not for this problem, so it probably doesn't need to go in the base WebDAV spe= c. =
Received on Sunday, 22 September 2002 23:52:04 UTC