Re: [plasma] Binary value encoding in AuthenticationTypeWSToken
"Jim Schaad" <jimsch@nwlink.com> Thu, 28 June 2012 02:55 UTC
From: Jim Schaad <jimsch@nwlink.com>
To: 'Dan Griffin' <dan@jwsecure.com>, plasma@ietf.org
Date: Wed, 27 Jun 2012 19:53:44 -0700

Please let me know what text is unclear in the document.

This is A correct type. There is no ONE correct type of token to be returned. This is strictly a choice of the server. The server can use an XML based token, such as SAML or an ASN.1 based token, such as CMS or a non-structured token, such as an index in a database.

There is no requirement in the document that the client understand the token returned to the client. In fact the requirement is just the opposite. The token is to be treated as an opaque blob by the client. If data such as lifetimes is to be returned they are returned as wst namespace attributes.

Jim

From: plasma-bounces@ietf.org [mailto:plasma-bounces@ietf.org] On Behalf Of Dan Griffin
Sent: Wednesday, June 27, 2012 1:42 PM
To: plasma@ietf.org
Subject: [plasma] Binary value encoding in AuthenticationTypeWSToken

We're using AuthenticationTypeWSToken to transmit a SAML token - is that the correct type? If so, just wanted to clarify - the Value member of that type is a hex binary string, which seems like an odd choice. Wouldn't XML make more sense?