Here is a review by Andreas Pashalidis: ----------------------
Here are a few small comments:
"trait-based" authentication sounds a bit unconventional. Cannot you just talk about "attribute-based" authorization? That would be better aligned with SAML terminology.
From the description in section 5 and figure 1, it is not always clear
if you talk about an "authentication assertion" or an "attribute assertion" - Figure 2, step 5: is it possible to have multiple attribute statements in the response? (for example, if possession of multiple attributes is required?) Section 6.1.4.1.4: what does it mean if there is no attribute statement? is it an authentication assertion then? if yes, what would be the authentication context? Section 9.2: it would be nice to have some exaplanation there, without having to refer to a different spec/document. Thats all for now. Gruss, Andreas -- all primes are odd, except two, and this is the oddest of all! _______________________________________________ Sip mailing list https://www1.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
