On 19-Jan-06, at 5:27 AM, Ben Laurie wrote:
John Merrells wrote:
An identity information exchange should involve just three
parties: the
user, their agent, and a relying party. The user’s agent is where
they
authenticate themselves and a repository where they store their
identity
information, and the relying party is an entity requesting identity
information.
This seems overly prescriptive. In particular, it would appear to
exclude any kind of temporary certificate. It also excludes
proxies. Oh,
and the case where authentication occurs elsewhere.
Hey Ben, would you take the time to write up simple use cases for
your three points so that we (or at least I) can understand them?
-- Dick
_______________________________________________
dix mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dix
