Re: XKMS and X509v3 attributes, where to put them in?

Hi Michael, hi all,

you can find an open-source implementation of XKMS supporting WS from our group at  http://sourceforge.net/projects/xkms  For SAML, we have been also 
doing some research and prototyping, but mostly related with Network Access, so we initially avoid using WS in the design.


Kind regards, Gregorio

Gregorio Martinez, PhD
University of Murcia (UMU), Spain



Michael Wilde wrote:
> Hi Ed,
> 
> I must admit that I am not familiar with SAML yet. Basically I am 
> looking for a standardized way to send and receive messages to a trusted 
> authority that is able to issue Attribute Certificates. The role 
> information has to be included as attribute in such ACs.
> 
> Stephen told me to use SAML but I am still not sure if it is suiteable 
> in the scenario sketched in one of my previous postings. At the moment 
> we are thinking of a solution that uses both PKCs and ACs for 
> authentication and authorization. We use XKMS to request and retreive 
> PKCs and should use SAML (?) for the same reason with ACs.
> 
> Are there any Web services available that could be used for proof of 
> concept testings yet?
> 
> Regards,
> Michael.
> 
> 
> */Ed Simon <edsimon@xmlsec.com>/* schrieb:
> 
> 
>     In a Web Services context, one could look at starting with an X.509
>     token
>     and then exchanging that, through WS-Trust, for a related SAML token
>     containing the role information.
> 
>     Michael, Manuel, does that sound like it would suit your problem
>     scenario?
> 
>     Regards, Ed
>     _____________________
>     Ed Simon
>     Principal, XMLsec Inc.
>     (613) 726-9645
> 
>     Interested in XML, Web Services, or Security? Visit
>     "http://www.xmlsec.com".
> 
> 
>     New! "Privacy Protection for E-Services" published by Idea Group (ISBN:
>     1-59140-914-4 for hard cover, 1-59140-915-2 for soft cover).
>     Includes a chapter, by Ed Simon, on "Protecting Privacy Using XML,
>     XACML,
>     and SAML".
>     See the Table of Contents here: "http://tinyurl.com/rukr4".
> 
>     -----Original Message-----
>     From: www-xkms-request@w3.org [mailto:www-xkms-request@w3.org] On
>     Behalf Of
>     Stephen Farrell
>     Sent: October 17, 2006 08:14
>     To: Michael Wilde
>     Cc: www-xkms@w3.org
>     Subject: Re: XKMS and X509v3 attributes, where to put them in?
> 
> 
> 
> 
>     Michael Wilde wrote:
>      > This raises the question: is there any standardized request/response
>      > protocol available for the communication with an Attribute
>     Authority yet?
> 
>     SAML.
> 
>     S.
> 
> 
> 
> ------------------------------------------------------------------------
> NEU: Fragen stellen - Wissen, Meinungen und Erfahrungen teilen. Jetzt 
> auf Yahoo! Clever 
> <http://de.rd.yahoo.com/xx/searchpromo/i/tagline/cleverfp/*http://de.answers.yahoo.com>. 
> 

Received on Friday, 20 October 2006 14:53:44 UTC