I asked the guy making the presentation about the similarity to Kerberos
message flows and he said something to the effect of ah yes, Kerberos.
Not sure what the guy meant by that. But yes, SAML flows are just
like Kerberos flows. And Liberty and WS-Federation look a lot like DCE
cross-cell
On Mon, 2003-12-29 at 10:16, Rich Salz wrote:
Not sure what the guy meant by that. But yes, SAML flows are just
like Kerberos flows. And Liberty and WS-Federation look a lot like DCE
cross-cell (er, Kerberos inter-realm) flows. After all, there are not
many ways to do secure online
At 02:01 PM 12/23/2003 -0500, Rich Salz wrote:
How many years have you been saying this, now? :) How do those modern
online environments achieve end-to-end content integrity and privacy? My
guess is that they don't; their use of private value-add networks made it
unnecessary. If my guess
At 02:29 PM 12/25/2003 +1300, Peter Gutmann wrote:
X.509 certs were designed to solve the problem of authenticating users to the
global X.500 directory. So they're good at what they were designed for
(solving a problem that doesn't exist [0]), and bad at everything else
(solving any other sort of
At 02:01 PM 12/23/2003 -0500, Rich Salz wrote:
If so, then I believe that we need a federated identity and management
infrastructure. The difference is that the third-party PKI enrollment
model still doesn't make sense, and organizations will take over their own
identity issues, as with SAML
2) certificates were fundamentally designed to address a trust issue in
offline environments where a modicum of static, stale data was better
than nothing
How many years have you been saying this, now? :) How do those modern
online environments achieve end-to-end content integrity and privacy?
Ian Grigg [EMAIL PROTECTED] 12/20/2003 12:15:51 PM
One of the (many) reasons that PKI failed is
that businesses simply don't outsource trust.
Of course they do. Examples:
DB and other credit reporting agencies.
SEC for fair reporting of financial results.
International Banking Letters of
At 07:34 PM 12/22/2003 -0700, Ed Reed wrote:
Of course they do. Examples:
DB and other credit reporting agencies.
SEC for fair reporting of financial results.
International Banking Letters of Credit when no shared root of trust
exists.
Errors and Omissions Professional Liability insurance for